SLIDE 1

rust-vmm

Building the Virtualization Stack of the Future

Andreea Florescu <fandree@amazon.com>

SLIDE 2

Who am I?

  • Open Source Enthusiast
  • Software Development Engineer @ Amazon
  • Firecracker maintainer
  • rust-vmm contributor

SLIDE 3

VMM or Hypervisor?

SLIDE 4

Linux Virtualization Stack

[Diagram: Host, Linux Kernel, KVM, Hypervisor; five VMM boxes and five Virtual Machine boxes, followed by "..."]

SLIDE 5

What is rust-vmm?

  • Building blocks for VMMs written in Rust
  • Virtualization components (crates)
  • Open Source

SLIDE 6

Why rust-vmm?

  • Faster development for new custom VMMs
  • Security & Testability
  • Clean interface
  • Reduce code duplication (CrosVM & Firecracker)

SLIDE 11

rust-vmm development

SLIDE 12

Who is contributing?

  • Alibaba Cloud
  • AWS
  • Cloudbase Solutions
  • CrowdStrike
  • Google
  • Intel
  • RedHat
  • Individual Contributors

SLIDE 13

Adding crates to rust-vmm

  • CrosVM/Firecracker
      • Wrappers over the KVM API
      • Guest Memory
      • ...
  • Developing from scratch
      • vhost-user
      • ACPI
      • ...

SLIDE 14

Existing crates

SLIDE 15

vm-memory - Firecracker

  • Guest Address

SLIDE 16

vm-memory - Firecracker

  • Guest Address
  • Memory Region

[Diagram: a mem-region with Start addr (GuestAddress), End addr (GuestAddress) and Anonymous Shared Mem]

SLIDE 17

vm-memory - Firecracker

  • Guest Address
  • Memory Region
  • Guest Memory

[Diagram: a mem-region with Start addr (GuestAddress), End addr (GuestAddress) and Anonymous Shared Mem; Guest Memory shown as four mem-regions]

SLIDE 18

vm-memory - Firecracker

  • Guest Address
  • Memory Region
  • Guest Memory

[Diagram: a mem-region with Start addr (GuestAddress), End addr (GuestAddress) and Anonymous Shared Mem; Guest Memory shown as four mem-regions]

vm-memory - rust-vmm

  • Trait Guest Address
  • Trait Memory Region
  • Trait Guest Memory

[Diagram: a mem-region with Start addr (GuestAddress), End addr (GuestAddress) and Anonymous/File Shared Mem]

SLIDE 19

New Usecases Supported with rust-vmm

  • Vhost-user
  • memfd based Guest Memory
  • memory hotplug
  • cross region reads from Guest Memory

SLIDE 20

kvm-ioctls

  • Line Coverage (79.3% -> 91.3%)
  • Documentation for public interface
  • Code Examples
  • Experimental aarch64 support

SLIDE 21

From idea to published crate

[Diagram: stages Idea, GitHub Issue, Design (Design Discussions at github/rust-vmm/community), Empty Crate (Milestone 0), Crate in Dev (Milestone 1), Publish on crates.io (Milestone 2). Other labels: Pull Requests, Continuous Integration, Tests, Documentation, License]

SLIDE 22

Current Status

[Diagram: the crates kvm-bindings, kvm-ioctls, vm-memory, vmm-vcpu, vhost, linux-loader, vm-device and vm-virtio placed along the stages Empty Crate (Milestone 0), Crate in Dev (Milestone 1) and Publish on crates.io (Milestone 2)]

SLIDE 23

Demo Time

SLIDE 24

Fake Demo Time

SLIDE 25

[Diagram labels: VMM API, containers-vmm]

SLIDE 26

[Diagram: containers-vmm and rust-vmm components. Labels: VMM API, kvm-ioctls, vm-memory, kernel-loader, acpi, cpuid, vm-virtio, virtio-fs, block, net, vsock, serial, rate-limiter]

SLIDE 29

[Diagram: containers-vmm and rust-vmm components. Labels: VMM API, VMM Glue, kvm-ioctls, vm-memory, kernel-loader, acpi, cpuid, vm-virtio, virtio-fs, block, net, vsock, serial, rate-limiter]

SLIDE 30

Does the world need more VMMs?

SLIDE 31

rust-vmm powering:

Now:

  • Firecracker

Future:

  • CrosVM
  • QEMU

SLIDE 32

Open Questions

  • Test integration of crates
  • Create a reference VMM implementation
  • Same version for all crates?
  • Security Testing
  • Fuzzing

SLIDE 34

What’s next?

  • Hypervisor-agnostic crates
  • Using rust-vmm crates in existing VMMs
  • Purpose-built VMM for container workloads

Come decide with us!

SLIDE 35

Be part of rust-vmm!

  • Become a member of rust-vmm on GitHub
  • Subscribe to the rust-vmm email list
  • Want feedback on your work? Submit a review request!