sun tm xvm hypervisor
play

Sun TM xVM Hypervisor Gary Pennington Solaris Kernel Engineer - PowerPoint PPT Presentation

Sep 08, 2022 •356 likes •731 views

USE IMPROVE EVANGELIZE Sun TM xVM Hypervisor Gary Pennington Solaris Kernel Engineer April 24, 2008 USE IMPROVE EVANGELIZE Agenda Hypervisors 101 Introduction to Sun TM xVM Hypervisor Use Cases Using the hypervisor

  1. USE IMPROVE EVANGELIZE Sun TM xVM Hypervisor Gary Pennington Solaris Kernel Engineer April 24, 2008

  2. USE IMPROVE EVANGELIZE Agenda ● Hypervisors 101 ● Introduction to Sun TM xVM Hypervisor ● Use Cases ● Using the hypervisor – Control domain: booting, services, tools – Guest domains: creation, booting – Debugging ● Futures 2

  3. USE IMPROVE EVANGELIZE Hypervisors 101 ● Provides a “Virtual Machine” ● Not new – VM/370 over 30 years ago ● Controls hardware – memory/cpu/io devices ● Schedules cpus/memory/io rate ● May emulate real devices ● For x86/x64 multiple choices available: – Xen – VMWare – MSFT Virtual Server – Others 3

  4. USE IMPROVE EVANGELIZE Para vs. Full Virtualization ● Full Virtualization (HVM): – Runs binary image of “metal” OS – Must emulate i/o devices – Can be slow – Need help from hardware – May use trap and emulate or rewriting ● Para-virtualization – Runs OS ported to special arch – Uses generic “virtual” device drivers – Can be more efficient since it is hypervisor-aware 4

  5. USE IMPROVE EVANGELIZE Full Virtualization (HVM) ● Some operating systems have not been paravirtualized – Microsoft, older Solaris, older Linux, OS/2 (!), ... ● New processor features to enable full virtualization – Intel VT and AMD-V • Needs to be enabled by the BIOS, so having the right CPU may not be enough – Trap to the hypervisor for “unsafe” instructions, memory access, etc. • Hypervisor emulates some effects, uses device emulation for others 5

  6. USE IMPROVE EVANGELIZE Agenda ● Hypervisors 101 ● Introduction to Sun TM xVM Hypervisor ● Use Cases ● Using the hypervisor – Control domain: booting, services, tools – Guest domains: creation, booting – Debugging ● Futures 6

  7. USE IMPROVE EVANGELIZE What is Sun TM xVM hypervisor? ● An open source hypervisor ● A port of Solaris to run on the hypervisor ● A set of control tools for the hypervisor ● A set of support tools for running other operating systems on the hypervisor under the direction of Solaris 7

  8. USE IMPROVE EVANGELIZE Open source hypervisor technology ● Originally developed at the University of Cambridge, England – Licensed under the GPLv2 and LGPL – XenSource (now Citrix): a start-up created by the original developers of the project to commercialize the results ● Significant contributions from Intel, AMD, IBM, HP, Fujitsu, and more ● Mostly x86, but also available on PPC and Itanium ● Now at version 3.1.3 (3.1.4-rc8) 8

  9. USE IMPROVE EVANGELIZE Hypervisor Design Principles and Goals ● Existing applications and binaries must run unmodified ● Support for multi-process, multi-application application environments – Permit complex server configurations to be virtualized within a single guest OS instance ● Paravirtualization (PV) enables high performance and strong isolation between domains – Particularly on uncooperative architectures (x86) ● Support up to 100 active VM instances on modern servers ● Live migration of VM instances between servers 9

  10. USE IMPROVE EVANGELIZE Sun TM xVM Architecture domU3 domU1 domU2 dom0 VM3 VM0 VM1 VM2 Device Unmodified Unmodified Unmodified Manager & User User User Control s/w Software Software Software GuestOS GuestOS GuestOS Unmodified (Solaris) (XenLinux ) (Solaris) GuestOS AGP (WinXP )) ACPI Back -End Back -End SMP PCI Native Native Device Front -End Front -End Device VT or Driver Device Drivers Device Drivers Driver SVM Control IF Safe HW IF Event Channel Virtual CPU Virtual MMU 32/64bit Hypervisor Hardware (SMP, MMU, physical memory, Ethernet, SCSI/IDE) 10

  11. USE IMPROVE EVANGELIZE Key Capabilities ● Checkpoint/restart and live migration – Managed provisioning – Grid operations: virtual platform ● Multiple OSes running simultaneously – Solaris, Linux, Windows – No longer a boot-time decision ● Special purpose kernels – JVM, drivers, filesystems, ... 11

  12. USE IMPROVE EVANGELIZE Agenda ● Hypervisors 101 ● Introduction to Sun TM xVM Hypervisor ● Use Cases ● Using hypervisor – Control domain: booting, services, tools – Guest domains: creation, booting – Debugging ● Futures 12

  13. USE IMPROVE EVANGELIZE Use Cases (Enterprise) ● Single node consolidation/test system ● Multi (many) node virtual infrastructure – Windows, Linux, Solaris Consolidation – Application Grids – e.g. Oracle's datacenters ● Utility Computing – Amazon EC2 ● Virtual Desktop environments – Call centers (DT) ● Quick roll out/re-provision/disaster recovery ● Virtual appliance deployment 13

  14. USE IMPROVE EVANGELIZE Use Cases (Developers) ● Good for: – Develop and test: • Fast turn-around time (shutdown and reboot) • User-level code • Installation • General kernel components – Older Solaris, Microsoft, Linux, ... – “Network in a box” – Sharing canned system configurations ● Clone and snapshot of zvols – Quickly produce multiple identical guest domains – Quickly return to a known stable state 14

  15. USE IMPROVE EVANGELIZE Agenda ● Hypervisors 101 ● Introduction to Sun TM xVM Hypervisor ● Use Cases ● Using hypervisor – Control domain: booting, services, tools – Guest domains: creation, booting – Debugging ● Futures 15

  16. USE IMPROVE EVANGELIZE Using xVM: Booting the control domain ● Grub loads the hypervisor, kernel and boot archive: title Solaris xVM kernel$ /boot/$ISADIR/xen.gz module$ /platform/i86xpv/kernel/$ISADIR/unix /platform/i86xpv/kernel/$ISADIR/unix module$ /platform/i86pc/$ISADIR/boot_archive ● Hypervisor: – Initializes, probes hardware, etc. – Creates dom0 environment around the kernel and boot archive – Jumps to dom0 kernel Note : ● Extended Grub syntax to allow expansion of environment specific tokens ( kernel$ , module$ , – $ISADIR ) Boot archive is separated into 32 bit and 64 bit – 16

  17. USE IMPROVE EVANGELIZE Using xVM: Serial Consoles ● If you want to see hypervisor output over a serial line, edit the kernel$ line: title Solaris xVM kernel$ /boot/$ISADIR/xen.gz console=com1 com1=9600,8n1 module$ /platform/i86xpv/kernel/$ISADIR/unix /platform/i86xpv/kernel/$ISADIR/unix -B console=hypervisor module$ /platform/i86pc/$ISADIR/boot_archive 17

  18. USE IMPROVE EVANGELIZE Using xVM: dom0 services ● svc:/system/xvm/store:default – File-based database used to store configuration of known domains ● svc:/system/xvm/xend:default – Long running daemon used by administrative tools to communicate with the hypervisor – Performs much of the work of creating guest domains, migration, etc. ● svc:/system/xvm/console:default – Mediates access to guest domain consoles (badly) ● svc:/system/xvm/domains:default – Automatically creates and destroys guest domains at service start/stop time (typically system boot/shutdown) 18

  19. USE IMPROVE EVANGELIZE Using xVM: dom0 tools (1) ● xm – Low-level xVM specific command to query the state of the hypervisor, create domains, manipulate configuration, etc. shocks# xm start x1 shocks# xm list Name ID Mem VCPUs State Time(s) Domain-0 0 984 2 r----- 810.3 x1 2 1023 1 r----- 9.1 shocks# xm console x1 ... x1 console login: root Password: Last login: Sat Sep 8 02:02:28 on console Sep 8 18:00:13 x1 login: ROOT LOGIN /dev/console Sun Microsystems Inc. SunOS 5.11 matrix-build-2007-08-21 October 2007 # 19

  20. USE IMPROVE EVANGELIZE Using xVM: dom0 tools (2) virsh ● – hypervisor agnostic command to query the state of the hypervisor, create domains, manipulate configuration, etc. • Only xVM support for now, but Logical Domains coming – Built on libvirt : shocks#; virsh dominfo x1 Id: 2 Name: x1 UUID: b0bece06-8bee-085b-b657-dd642da0daa0 OS Type: linux State: blocked CPU(s): 1 CPU time: 98.7s Max memory: 1048576 kB Used memory: 1047540 kB : shocks#; 20

  21. USE IMPROVE EVANGELIZE Using xVM: dom0 tools (3) virt-install ● – Facilitate the installation of para-virtual and HVM guests – Interactive or command line arguments – Install off media (DVD), from an ISO, or over NFS – Built on libvirt Solaris PV Guest virt-install -n solarisPV --paravirt -r 1024 \ --nographics -f /export/solarisPV/root.img -s 16 \ -l /ws/matrix-gate/public/isos/72-0910/solarisdvd.iso Solaris HVM Guest virt-install -n solarisHVM --hvm -r 1024 --vnc \ -f /export/solarisHVM/root.img -s 16 \ -c /ws/matrix-gate/public/isos/72-0910/solarisdvd.iso 21

  22. USE IMPROVE EVANGELIZE Using xVM: dom0 tools (3) cont'd virt-install ● WinXP HVM Guest # virt-install -n winxp --hvm -r 1024 --vnc \ -f /export/winxp/root.img -s 16 -c /windows/media.iso Set the VNC password property in xend's SMF configuration before starting ● a HVM domain which uses VNC # svccfg -s xvm/xend setprop \ config/vncpasswd = astring: \”somepwd\” # svcadm refresh xvm/xend; svcadm restart xvm/xend If remotely displaying the VNC session, you must also set the vnc-listen ● property # svccfg -s xvm/xend setprop \ config/vnc-listen = astring: \”0.0.0.0\” # svcadm refresh xvm/xend; svcadm restart xvm/xend 22

  23. USE IMPROVE EVANGELIZE Using xVM: dom0 tools (4) virt-manager (not yet integrated) ● – Gnome desktop application for managing virtual machines – Single physical system focus – Built on libvirt – http://opensolaris.org/os/project/jds/tasks/virt-manager/ 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hyper-Cube High-Dimensional Hypervisor Fuzzing Sergej Schumilo, Cornelius Aschermann, Ali Abbasi,

Hyper-Cube High-Dimensional Hypervisor Fuzzing Sergej Schumilo, Cornelius Aschermann, Ali Abbasi,

Hyper-Cube High-Dimensional Hypervisor Fuzzing Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wrner and Thorsten Holz Chair for Systems Security Ruhr-Universitt Bochum Motivation Hypervisor Motivation Hypervisor VM 1 VM 2

688 views • 53 slides
Using the Xen Hypervisor to Turbocharge OS Deployment Mike D. Day Ryan Harper Anthony Liguori

Using the Xen Hypervisor to Turbocharge OS Deployment Mike D. Day Ryan Harper Anthony Liguori

Using the Xen Hypervisor to Turbocharge OS Deployment Mike D. Day Ryan Harper Anthony Liguori Andrew Theurer Michael Hohnbaum Real-world Hypervisor Applications Make more efficient use of expensive hardware Server Consolidation

633 views • 24 slides
Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture Dom0 VMs QEMU Xen Scheduler MMU vPIC Memory CPUs I/O HW Emulation in hypervisor For performance Examples: Interrupt controller

859 views • 20 slides
Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare metal. Dedicated virtualization machine. Higher performance. Typical for servers. Type 2 Virtualization Hypervisor sits on

571 views • 17 slides
! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor Remote Attestation Protected

! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor Remote Attestation Protected

Keystone : An Open Framework for Architecting Trusted Execution Environments Dayeol Lee , David Kohlbrenner, Shweta Shinde, Krste Asanovic, Dawn Song Dept. of Electrical Engineering and Computer Sciences University of California, Berkeley

599 views • 30 slides
Reverse Engineering by Crayon: Game Changing Hypervisor and Visualization Analysis Game Changing

Reverse Engineering by Crayon: Game Changing Hypervisor and Visualization Analysis Game Changing

Reverse Engineering by Crayon: Game Changing Hypervisor and Visualization Analysis Game Changing Hypervisor Based Malware Analysis and Visualization Danny Quist Danny Quist Lorie Liebrock New Mexico Tech Computer Science Dept. Offensive

898 views • 64 slides
Introduction to KVM By Sheng-wei Lee swlee@swlee.org #20110929 Outline Hypervisor - KVM

Introduction to KVM By Sheng-wei Lee swlee@swlee.org #20110929 Outline Hypervisor - KVM

Introduction to KVM By Sheng-wei Lee swlee@swlee.org #20110929 Outline Hypervisor - KVM virt-manager Libvirt Migration How to install KVM. Bridged Networking Virsh How to new a VM How to adjust the setting of

833 views • 37 slides
Dynamic VM Monitoring using Hypervisor Probes Z. J. Estrada , C. Pham, F. Deng, L. Yan, Z.

Dynamic VM Monitoring using Hypervisor Probes Z. J. Estrada , C. Pham, F. Deng, L. Yan, Z.

Dynamic VM Monitoring using Hypervisor Probes Z. J. Estrada , C. Pham, F. Deng, L. Yan, Z. Kalbarczyk, R. K. Iyer European Dependable Computing Conference 2015-09-09 ECE ILLINOIS 1 Department of Electrical and Computer Engineering Dynamic VM

1.08k views • 76 slides
Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor Authors

Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor Authors

Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor Authors Department of Computer Computer Science, University of British Columbia Patrick Colp Mihi Nanavati William Aiello Andrew Warfield

478 views • 45 slides
Cloaking Order in Chaos Subverting the Linux RNG via the Xen hypervisor Jeremy Erickson

Cloaking Order in Chaos Subverting the Linux RNG via the Xen hypervisor Jeremy Erickson

Cloaking Order in Chaos Subverting the Linux RNG via the Xen hypervisor Jeremy Erickson Timothy Trippel Andrew Quinn Motivation Overview Nation State Adversary (NSA) Sophisticated, huge resources, not limited by law

335 views • 18 slides
SELECTION AND EVALUATION OF AN EMBEDDED HYPERVISOR: APPLICATION TO AN AUTOMOTIVE PLATFORM Etienne

SELECTION AND EVALUATION OF AN EMBEDDED HYPERVISOR: APPLICATION TO AN AUTOMOTIVE PLATFORM Etienne

SELECTION AND EVALUATION OF AN EMBEDDED HYPERVISOR: APPLICATION TO AN AUTOMOTIVE PLATFORM Etienne HAMELIN, Moha AIT HMID, Amine NAJI, Yves MOUAFO-TCHINDA | ERTS2020 | 30/01/2020 This work was partly funded by the Renault-Nissan alliance under the

423 views • 14 slides
A Hypervisor for the Ryu NOS Bachelor Thesis - Final presentation Felix Breidenstein FB 20 -

A Hypervisor for the Ryu NOS Bachelor Thesis - Final presentation Felix Breidenstein FB 20 -

A Hypervisor for the Ryu NOS Bachelor Thesis - Final presentation Felix Breidenstein FB 20 - Informatik Technische Universitt Darmstadt E-Mail: mail@felixbreidenstein.de Supervisor Dipl.-Wirtsch.-Inf. Jeremias Blendin Tuesday, 18 October

390 views • 18 slides
Integrating Linux and the real-time ERIKA OS through the Xen hypervisor Arianna Avanzini

Integrating Linux and the real-time ERIKA OS through the Xen hypervisor Arianna Avanzini

Integrating Linux and the real-time ERIKA OS through the Xen hypervisor Arianna Avanzini Evidence Srl University of Modena and Reggio Emilia October 15, 2014 Preamble Motivations ERIKA as Xen-on-ARM domU Ongoing and future work This

606 views • 33 slides
Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis

Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis

Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis Distributed Systems Fred B. Schneider, Cornell University SOSP, 1995 Problem Fault tolerance

2.97k views • 8 slides
Microkernel Hypervisor for a Hybrid ARM-FPGA Platform Khoa D. Pham, Abhishek K. Jain, Jin Cui,

Microkernel Hypervisor for a Hybrid ARM-FPGA Platform Khoa D. Pham, Abhishek K. Jain, Jin Cui,

Microkernel Hypervisor for a Hybrid ARM-FPGA Platform Khoa D. Pham, Abhishek K. Jain, Jin Cui, Suhaib A. Fahmy , Douglas L. Maskell School of Computer Engineering Nanyang Technological University, Singapore (in collaboration with TUM CREATE,

307 views • 18 slides
Code Injection From the Hypervisor: Removing the need for in-guest agents Matt Conover &

Code Injection From the Hypervisor: Removing the need for in-guest agents Matt Conover &

Code Injection From the Hypervisor: Removing the need for in-guest agents Matt Conover & Tzi-cker Chiueh Core Research Group, Symantec Research Labs SADE: S te A lthy D eployment and E xecution Introduction A typical enterprise

661 views • 36 slides
park ber Enforcing Verifiable Object Abstractions for Automated Compositional Security

park ber Enforcing Verifiable Object Abstractions for Automated Compositional Security

park ber Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor Amit Vasudevan (CyLab-CMU), Sagar Chaki (SEI-CMU), Petros Maniatis (Google Inc.), Limin Jia, Anupam Datta (ECE/CSD-CMU)

517 views • 24 slides
World-Wide Web Homepage Helper Workshop Notes Joe Struss April 5, 2007 Registering your

World-Wide Web Homepage Helper Workshop Notes Joe Struss April 5, 2007 Registering your

World-Wide Web Homepage Helper Workshop Notes Joe Struss April 5, 2007 Registering your username with the Homepage Server To register your username with the Homepage Server enter: 1. % add www 2. % setup www and respond to the prompt.

147 views • 4 slides
r sts r rt

r sts r rt

r sts r rt r trtr tt t t r t

889 views • 22 slides
Recognizable Series on Hypergraphs el Bailly 1 cois Denis 2 Guillaume Rabusseau 2 Rapha Fran

Recognizable Series on Hypergraphs el Bailly 1 cois Denis 2 Guillaume Rabusseau 2 Rapha Fran

Recognizable Series on Hypergraphs el Bailly 1 cois Denis 2 Guillaume Rabusseau 2 Rapha Fran 1 Universit e de Technologie de Compi` egne 2 LIF, CNRS, Aix-Marseille Universit e LATA2015 March 5, 2015 Bailly, Denis, Rabusseau (UTC -

746 views • 47 slides
MODERN SYSTEMS: EXTENSIBLE KERNELS AND CONTAINERS MOTIVATION Applications must conform to

MODERN SYSTEMS: EXTENSIBLE KERNELS AND CONTAINERS MOTIVATION Applications must conform to

SHANNON JOYNER MODERN SYSTEMS: EXTENSIBLE KERNELS AND CONTAINERS MOTIVATION Applications must conform to operating system interface One operating system implementation is not ideal for everyone Cannot optimize for a given application

839 views • 52 slides
Data-Intensive Science Using GPUs Alex Szalay, JHU Data in HPC Simulations HPC is an

Data-Intensive Science Using GPUs Alex Szalay, JHU Data in HPC Simulations HPC is an

Data-Intensive Science Using GPUs Alex Szalay, JHU Data in HPC Simulations HPC is an instrument in its own right Largest simulations approach petabytes from supernovae to turbulence, biology and brain modeling Pressure for

462 views • 20 slides
Interactive Programs in Agda Anton Setzer (Swansea) 1. Defining IO in Agda. 2. Execution of IO

Interactive Programs in Agda Anton Setzer (Swansea) 1. Defining IO in Agda. 2. Execution of IO

Interactive Programs in Agda Anton Setzer (Swansea) 1. Defining IO in Agda. 2. Execution of IO Programs. 3. Dealing with Complex Programs. 4. A Graphics Library for Agda Anton Setzer: Interactive programs in dependent type theory 1 1. Defining

810 views • 35 slides
Input/Output Programming Chapter 3: Section 3.1, 3.2 Input and output (I/O) programming

Input/Output Programming Chapter 3: Section 3.1, 3.2 Input and output (I/O) programming

Input/Output Programming Chapter 3: Section 3.1, 3.2 Input and output (I/O) programming Communicating with I/O devices Busy-wait I/O Interrupt-driven I/O I/O devices Devices may include digital and non-digital

529 views • 33 slides

More recommend