Xen Expert Days
Virtualization with Xen
SUSE Linux Enterprise Server 10
Ralf Dannert
Technology Specialist
rdannert@novell.com
Agenda
• Use cases
• Terminology and Architecture
• VM installation
• Using Xen
• Case Studies
• Roadmap
• Novell offerings
• Helpful Links
© Novell Inc. All rights reserved
Server Virtualization: Analyst's View
Executive Summary
● Novell product portfolio offers choice
– Customers can choose to deploy virtualization technologies provided by Novell and other VT vendors
● Novell virtualization strategy is focused on Xen
– Customer demand for server consolidation and price / performance will foster rapid acceptance
● Novell supports customers
– Virtual Machine Server Hardware from partners and Virtual Machine configurations are listed in YES certification bulletins
– Novell Technical Services suppo
Use Cases
Uses of Virtualization
[Figure: four panels, each mapping virtual resources onto physical resources]
• Sharing. Examples: VMs, LPARs, Virtual Disks, VLANs
• Aggregation. Examples: Virtual Disks, Virtual Storage Pools
• Extension. Examples: iSCSI, Architecture Emulators
• Transparent Change (Add or Replace). Examples: Spare CPU Substitution, CUoD
Use cases
• Virtualization allows for more flexibility
– Virtual Machines (VM) isolate hardware differences due to an abstracted resource layer between hardware and OS
– Decouples software stacks from hardware life cycles
– Dynamic provisioning reduces time to operation: pre-configured application stacks are faster to deploy
– Integrated high availability increases reliability
[Figure: applications (A) on operating systems (OS) in VMs, on top of the Virtualization Layer, on top of the Hardware]
Terminology and Architecture
SLES 10 VM Server
SLES 9 and Windows XP - Fully Virtualized VMs
Xen Technology Background
Originally a research project from University of Cambridge
Open source
Xen 2.0 released November 2004
Xen 3.0.0 released December 2005
Xen 3.0.2 released May 2006 (SLES 10 Target)
Xen 3.0.4 SLES 10 SP1 Target
Xen Community Terminology
Domain: A container for a running virtual machine. Colloquially, the VM itself.
Domain 0: The first domain. Privileged to manage other domains. a.k.a. “dom0”.
Unprivileged domain: Any domain other than domain 0. Cannot manage other domains. a.k.a. “domU”.
Driver domain: A domain that contains physical drivers. Usually this is just domain 0.
Physical driver: A device driver (usually in the driver domain) that talks to the hardware.
Virtual driver: A d
Full & Paravirtualization Overview
[Figure: two stacks, Full Virtualization and Paravirtualization, each showing Apps on Operating Systems on Virtual Machines, above a Virtual Machine Monitor and the HW Platform; API labels at the virtual machine layer]
• Static modification of Guest OS prior to runtime: Privileged instruction calls are exchanged with API f
• Runtime modification of Guest OS: VMM manages the conflict, then
Novell Terminology
Fully Virtual: A VM mode that can run a native, unmodified operating system by emulating all hardware devices.
Paravirtual: A VM mode that can run a modified operating system, which cooperates with the VMM.
VT Computer: Computer supporting HVM Intel VT, AMD
Standard Computer: A computer that does not support virtualization technology and therefore can run Xen VMs only in paravirtual mode.
Native Operating System: A typical operating system that is not optimized for t
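On a Linux host, the CPU flags show which of the two terms above applies: "vmx" marks Intel VT and "svm" marks the AMD equivalent. The following is an added example, not part of the original slides; the function names classify_host and sample_cpuinfo and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the slides): classify a host as a "VT Computer" or
# a "Standard Computer" from a /proc/cpuinfo-style file.

# classify_host [FILE]: FILE defaults to the live /proc/cpuinfo.
classify_host() {
    cpuinfo="${1:-/proc/cpuinfo}"
    # Take the first "flags" line and pad it with spaces so that only whole
    # flag names match ("svm_lock" must not count as "svm").
    flags=" $(sed -n 's/^flags[[:space:]]*:[[:space:]]*//p' "$cpuinfo" | head -n 1) "
    case "$flags" in
        *" vmx "*) echo "VT Computer (Intel VT)" ;;
        *" svm "*) echo "VT Computer (AMD)" ;;
        *)         echo "Standard Computer" ;;
    esac
}

# sample_cpuinfo FLAG: constructed sample input, not taken from a real machine.
sample_cpuinfo() {
    printf 'processor\t: 0\nflags\t\t: fpu vme pae %s lm\n' "$1"
}

# Demonstration on constructed input.
demo_file=$(mktemp)
for f in vmx svm svm_lock; do
    sample_cpuinfo "$f" > "$demo_file"
    printf '%-9s -> %s\n' "$f" "$(classify_host "$demo_file")"
done
rm -f "$demo_file"
```

The flag reports what the CPU supports; firmware settings can still leave the feature disabled.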
Privilege Rings
Xen runs at ring 0 (highest privilege)
All domains run at rings 1 - 3.
• Kernel is ring 1
• User-space is ring 3
[Figure: Applications at ring 3; the domain 0 (management) Linux kernel and the guest kernels at ring 1; Hypercalls and Events between the domains and the Hypervisor (XEN) at ring 0; Physical Hardware below]
Hardware assisted virtualization
• VT Computer
• run multiple OS concurrently
• protected execution environments
• privilege ring expansion
• simplify hypervisor
• Intel VT for directed I/O (VT-d) - direct assign I/O
– no emulated drivers necessary
Extending Intel Virtualization Technology
• support for I/O device virtualization
– direct I/O virtualization to the chipset (“VT-d”). Currently, I/O devices aren’t aware of virtualization and must go through the VMM before being assigned to a virtual machine.
• software emulation slow
– Performance > I/O requests must traverse two I/O stacks (guest and host)
– Functionality > Guest OSes “see” only restricted sets of legacy devices
– Reliability > Drivers are potentially undependable if t
Full Virtualization Mode on VT using qemu-dm
● using “device model”
● hypervisor intercepts mmio regions
● forwards request to qemu
● i.e.: read request to harddisk
● VM emulates the following devices
● requires the VM's operating system to install, load, and run its native device drivers
● Network card: AMD PCnet, NE2000
● Disk drive: IDE
● Graphics card: Cirrus Logic* GD5446, VESA-compliant VGA
● Input: PS/2 mouse and keyboard
● Sound: Creative* Sound Blaster 16, Ensoniq* ES1370
Intel Pre- and Post-VT
AMD IOMMU
• in DomU OS not loaded at address 0
• Xen: direct access to memory difficult --> corruption
• hypervisor intervenes in I/O, apply translation --> overhead
• solutions:
• rewrite graphics driver ?
• HW to support IOMMU
• AMD IOMMU - provides isolation and memory protection
• IOMMU: device remap address accessed by HW,