Summary of the content on page 1
Xen Expert Days
Virtualization with Xen
SUSE Linux Enterprise Server 10
Ralf Dannert
Technology Specialist
rdannert@novell.com
Summary of the content on page 2
Agenda
• Use cases
• Terminology and Architecture
• VM installation
• Using Xen
• Case Studies
• Roadmap
• Novell offerings
• Helpful Links
© Novell Inc. All rights reserved
Summary of the content on page 3
Server Virtualization: Analyst's View
Summary of the content on page 4
Summary of the content on page 5
Executive Summary
● Novell product portfolio offers choice
  – Customers can choose to deploy virtualization technologies provided by Novell and other VT vendors
● Novell virtualization strategy is focused on Xen
  – Customer demand for server consolidation and price / performance will foster rapid acceptance
● Novell supports customers
  – Virtual Machine Server Hardware from partners and Virtual Machine configurations are listed in YES certification bulletins
  – Novell Technical Services suppo
Summary of the content on page 6
Use Cases
Summary of the content on page 7
Uses of Virtualization
• Sharing
  – Examples: VMs, LPARs, Virtual Disks, VLANs
• Aggregation
  – Examples: Virtual Disks, Virtual Storage Pools
• Extension
  – Examples: iSCSI, Architecture Emulators
• Transparent Change (Add or Replace)
  – Examples: Spare CPU Substitution, CUoD
[Diagram: each use maps Virtual Resources onto Physical Resources]
Summary of the content on page 8
Use cases
• Virtualization allows for more flexibility
  – Virtual Machines (VM) isolate hardware differences through an abstracted resource layer between hardware and OS
  – Decouples software stacks from hardware life cycles
  – Dynamic provisioning reduces time to operation: pre-configured application stacks are faster to deploy
  – Integrated high availability increases reliability
[Diagram: applications (A) on operating systems (OS) in VMs, on top of the Virtualization Layer, on top of the Hardware]
Summary of the content on page 9
Terminology and Architecture
Summary of the content on page 10
SLES 10 VM Server
SLES 9 and Windows XP - Fully Virtualized VMs
Summary of the content on page 11
Xen Technology Background
• Originally a research project from University of Cambridge
• Open source
• Xen 2.0 released November 2004
• Xen 3.0.0 released December 2005
• Xen 3.0.2 released May 2006 (SLES 10 Target)
• Xen 3.0.4 SLES 10 SP1 Target
Summary of the content on page 12
Xen Community Terminology
• Domain: A container for a running virtual machine. Colloquially, the VM itself.
• Domain 0: The first domain. Privileged to manage other domains. a.k.a. “dom0”.
• Unprivileged domain: Any domain other than domain 0. Cannot manage other domains. a.k.a. “domU”.
• Driver domain: A domain that contains physical drivers. Usually this is just domain 0.
• Physical driver: A device driver (usually in the driver domain) that talks to the hardware.
• Virtual driver: A d
Summary of the content on page 13
Full & Paravirtualization Overview
[Diagram: Full Virtualization and Paravirtualization stacks side by side, each with Apps on Operating Systems on Virtual Machines on a Virtual Machine Monitor on the HW Platform, with API layers marked]
• Static modification of Guest OS prior to runtime: Privileged instruction calls are exchanged with API f
• Runtime modification of Guest OS: VMM manages the conflict, then
Summary of the content on page 14
Novell Terminology
• Fully Virtual: A VM mode that can run a native, unmodified operating system by emulating all hardware devices.
• Paravirtual: A VM mode that can run a modified operating system, which cooperates with the VMM.
• VT Computer: Computer supporting HVM Intel VT, AMD
• Standard Computer: A computer that does not support virtualization technology and therefore can run Xen VMs only in paravirtual mode.
• Native Operating System: A typical operating system that is not optimized for t
Summary of the content on page 15
Privilege Rings
Xen runs at ring 0 (highest privilege)
All domains run at rings 1 - 3.
• Kernel is ring 1
• User-space is ring 3
[Diagram: Applications at ring 3; domain 0 (management) Linux Kernel and guest Kernels at ring 1; Hypercalls and Events between the kernels and the Hypervisor (XEN) at ring 0; Physical Hardware below]
Summary of the content on page 16
Hardware assisted virtualization
• VT Computer
• run multiple OS concurrently
• protected execution environments
• privilege ring expansion
• simplify hypervisor
• Intel VT for directed I/O (VT-d) - direct assign I/O
  – no emulated drivers necessary
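The distinction the terminology slide draws between a VT Computer and a Standard Computer can be checked from the CPU flags a Linux host reports. The following is an added example, not part of the original slides; the function names and the sample flag lines are constructed for illustration, and it assumes the usual Linux cpuinfo flags vmx (Intel VT) and svm (AMD).

```shell
#!/bin/sh
# Added example: classify a host in the deck's terms ("VT Computer" vs
# "Standard Computer") from the flags line of a cpuinfo-format file.
# Assumption: vmx marks Intel VT, svm marks AMD's equivalent extension.

# classify_host FILE -> prints "vt-computer" or "standard-computer"
classify_host() {
    cpuinfo=${1:-/proc/cpuinfo}
    # Take the first "flags" line and keep only the flag list after the colon.
    flags=$(grep -m1 '^flags' "$cpuinfo" | cut -d: -f2)
    # Compare whole words so a longer flag containing "vmx" does not match.
    for f in $flags; do
        case "$f" in
            vmx|svm) echo "vt-computer"; return 0 ;;
        esac
    done
    echo "standard-computer"
}

# vm_modes FILE -> VM modes the deck says that class of host can run
vm_modes() {
    case "$(classify_host "$1")" in
        vt-computer)       echo "paravirtual fully-virtual" ;;
        standard-computer) echo "paravirtual" ;;
    esac
}

# Constructed sample inputs (not captured from real machines).
# "svmx" is a made-up flag used only to exercise whole-word matching.
SAMPLE_VT=$(mktemp)
SAMPLE_STD=$(mktemp)
trap 'rm -f "$SAMPLE_VT" "$SAMPLE_STD"' EXIT
printf 'processor\t: 0\nflags\t\t: fpu vme de pse tsc msr pae vmx est tm2\n' > "$SAMPLE_VT"
printf 'processor\t: 0\nflags\t\t: fpu vme de pse tsc msr pae svmx lm\n' > "$SAMPLE_STD"

echo "sample A: $(vm_modes "$SAMPLE_VT")"
echo "sample B: $(vm_modes "$SAMPLE_STD")"
```

The flag shows what the CPU reports to the running kernel; firmware settings can still leave the extension disabled.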
Summary of the content on page 17
Extending Intel Virtualization Technology
• support for I/O device virtualization
  – direct I/O virtualization to the chipset (“VT-d”). Currently, I/O devices aren’t aware of virtualization and must go through the VMM before being assigned to a virtual machine.
• software emulation slow
  – Performance > I/O requests must traverse two I/O stacks (guest and host)
  – Functionality > Guest OSes “see” only restricted sets of legacy devices
  – Reliability > Drivers are potentially undependable if t
Summary of the content on page 18
Full Virtualization Mode on VT using qemu-dm
● using “device model”
● hypervisor intercepts mmio regions
● forwards request to qemu
● i.e.: read request to harddisk
● VM emulates the following devices
● requires the VM's operating system to install, load, and run its native device drivers
● Network card: AMD PCnet, NE2000
● Disk drive: IDE
● Graphics card: Cirrus Logic* GD5446, VESA-compliant VGA
● Input: PS/2 mouse and keyboard
● Sound: Creative* Sound Blaster 16, Ensoniq* ES1370
Summary of the content on page 19
Intel Pre- and Post-VT
Summary of the content on page 20
AMD IOMMU
• in DomU OS not loaded at address 0
• Xen: direct access to memory difficult --> corruption
• hypervisor intervenes in I/O, apply translation --> overhead
• solutions:
  • rewrite graphics driver ?
  • HW to support IOMMU
• AMD IOMMU - provides isolation and memory protection
• IOMMU: device remap address accessed by HW,