virtio vsock configuration agnostic guest host
play

Virtio-Vsock - Configuration-Agnostic Guest/Host Communication - PowerPoint PPT Presentation

Aug 16, 2022 •48 likes •268 views

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Virtio-Vsock - Configuration-Agnostic Guest/Host Communication Johannes Wiesbck Friday 19 th July, 2019 Chair of Network Architectures and

  1. Chair of Network Architectures and Services Department of Informatics Technical University of Munich Virtio-Vsock - Configuration-Agnostic Guest/Host Communication Johannes Wiesböck Friday 19 th July, 2019 Chair of Network Architectures and Services Department of Informatics Technical University of Munich

  2. Introduction Common Problems J. Wiesböck — virtio-vsock 2

  3. Introduction Use-cases for Guest/Host Communication VM1 VM2 Agent Agent Host Service Host Possible Use Cases [2] • SSH (configuration, file transfer, etc.) • file sharing • qemu-guest-agent (shutdown, suspend, etc.) J. Wiesböck — virtio-vsock 3

  4. Traditional Solutions Networking Create a virtual network between host and virtual machines. Pros • Can be used by existing applications. • Also used for networking between hosts and internet access. Cons • Setup can be complex and requires high maintenance. • Invasive on both host and VMs. Serial Interface Create a virtual serial device for communication between guest and host (virtio-serial). Cons • Porting of network applications to serial device is more complex. • Limited number of channels. • slow J. Wiesböck — virtio-vsock 4

  5. Virtio-Vsock Concept Communication channel between host and guests based on the addressing scheme AF_VSOCK. History • virtual machine sockets introduced to Linux by VMware in 2013 • virtio-vsock in the mainline Linux kernel since version 4.8 Features • zero-configuration guest/host communication • stream-based • flow-control • safe ordering J. Wiesböck — virtio-vsock 5

  6. Virtio-Vsock AF_VSOCK • Address format used by virtual machine sockets (VMWare vSockets, virtio-vsock). • Machines are identified by 32 bit Context Identifier (CID). • Services are identified by 32 bit Port numbers. /* Creating an IPv6 socket */ int ip6_sock = socket(AF_INET6, SOCK_STREAM, 0); /* Creating a virtual socket */ int vsock = socket(AF_VSOCK, SOCK_STREAM, 0); J. Wiesböck — virtio-vsock 6

  7. Virtio-Vsock New topology with Virtio-Vsock VM1 (CID 3) VM2 (CID 4) Agent Agent v:4711 v:4711 Host Service Host (CID 2) J. Wiesböck — virtio-vsock 7

  8. Implementation Overview Problem Discover the ability to use various applications over virtio-vsock, e.g. SSH, HTTP , SMB. Considerations Characteristics Native Implementation Inetd-Style Applicability to many applications ✗ ✓ Consideration of special application features ✓ ✗ Simple implementation ✗ ✓ J. Wiesböck — virtio-vsock 8

  9. Implementation SSH Server: Inetd-Style The SSH server sshd can be started through systemd socket activation: • Systemd listens to port 22 for incoming connections. • Once a connections arrives, systemd accepts the connection and passes the connected socket to sshd . ⇒ Socket activation can be used for vsock connections. J. Wiesböck — virtio-vsock 9

  10. Implementation SSH Server: Inetd-Style The SSH server sshd can be started through systemd socket activation: • Systemd listens to port 22 for incoming connections. • Once a connections arrives, systemd accepts the connection and passes the connected socket to sshd . ⇒ Socket activation can be used for vsock connections. Client: SSH ProxyCommand • Problem: The ssh client only supports to connect to servers using IP . • Solution: ProxyCommand allows to start a proxy application when starting a SSH connection. • All SSH traffic is passed through the proxy application and relayed to the server over vsock. ssh -o ProxyCommand='socat - SOCKET-CONNECT:40:0:x0000x16000000x04000000x00000000' user@vm J. Wiesböck — virtio-vsock 9

  11. Implementation Inetd-Style IPv6 Unique-Local Unicast Addresses IPv6 addresses in the subnet fc00::/7 are intended to be used locally and are not routed on the internet [1]. Address Mapping • Choose a random /64 prefix, e.g. fd00:abcd:ef12::/64. • Add destination CID to the prefix, e.g.: • CID 3 → fd00:abcd:ef12::3 • CID 1024 → fd00:abcd:ef12::400 J. Wiesböck — virtio-vsock 10

  12. Implementation Inetd-Syle VM1 (CID 3) VM2 (CID 4) [fd00:abcd:ef12::2]:445 [fd00:abcd:ef12::2]:445 Samba Host (CID 2) [::1]:445 v:445 J. Wiesböck — virtio-vsock 11

  13. Implementation Inetd-Syle VM1 (CID 3) VM2 (CID 4) cifs 1 [fd00:abcd:ef12::2]:445 [fd00:abcd:ef12::2]:445 Samba Host (CID 2) [::1]:445 v:445 J. Wiesböck — virtio-vsock 11

  14. Implementation Inetd-Syle VM1 (CID 3) VM2 (CID 4) cifs socat 1 2 [fd00:abcd:ef12::2]:445 [fd00:abcd:ef12::2]:445 Samba Host (CID 2) [::1]:445 v:445 J. Wiesböck — virtio-vsock 11

  15. Implementation Inetd-Syle VM1 (CID 3) VM2 (CID 4) cifs socat 1 2 [fd00:abcd:ef12::2]:445 [fd00:abcd:ef12::2]:445 3 Samba Host (CID 2) [::1]:445 v:445 J. Wiesböck — virtio-vsock 11

  16. Implementation Inetd-Syle VM1 (CID 3) VM2 (CID 4) cifs socat 1 2 [fd00:abcd:ef12::2]:445 [fd00:abcd:ef12::2]:445 3 socat Samba 4 Host (CID 2) [::1]:445 v:445 J. Wiesböck — virtio-vsock 11

  17. Implementation Inetd-Syle VM1 (CID 3) VM2 (CID 4) cifs socat 1 2 [fd00:abcd:ef12::2]:445 [fd00:abcd:ef12::2]:445 3 socat Samba 5 4 Host (CID 2) [::1]:445 v:445 J. Wiesböck — virtio-vsock 11

  18. Implementation Demo J. Wiesböck — virtio-vsock 12

  19. Conclusion Virtio-Vsock • zero-configuration guest/host communication • stream-based communication mechanism using the socket API Contributions • SSH configuration interface resilient against faulty network configuration • a simple and versatile way to use virtio-vsock in existing applications J. Wiesböck — virtio-vsock 13

  20. Conclusion J. Wiesböck — virtio-vsock 14

  21. Conclusion J. Wiesböck — virtio-vsock 15

  22. Bibliography [1] G. Carle, S. Günther, J. Naab, and H. Stubbe. Grundlagen Rechnernetze und Verteilte Systeme (GRNVS) - Kapitel 3: Vermittlungsschicht. Technische Universität München, June 2019. [2] S. Hajnoczi. virtio-vsock Zero-configuration host/guest communication. J. Wiesböck — virtio-vsock 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Performance Improvements of Virtual Machine Networking Jason Wang jasowang@redhat.com Typical

Performance Improvements of Virtual Machine Networking Jason Wang jasowang@redhat.com Typical

Performance Improvements of Virtual Machine Networking Jason Wang jasowang@redhat.com Typical setup Guest Guest virtio-net drv virtio-net drv T R T R X X X X Host Host vhost_net vhost_net bridge TAP macvlan macvtap NIC NIC

427 views • 41 slides
virtio-fs A Shared File System for Virtual Machines Stefan Hajnoczi stefanha@redhat.com 1

virtio-fs A Shared File System for Virtual Machines Stefan Hajnoczi stefanha@redhat.com 1

FOSDEM 20 virtio-fs A Shared File System for Virtual Machines Stefan Hajnoczi stefanha@redhat.com 1 FOSDEM 20 About me I work in Red Hats virtualization team: virtio-fs virtio-blk tracing VIRTIO specification

1.21k views • 19 slides
DHCP (RFC 2131) Deliver host-specific configuration parameters from DHCP server to host.

DHCP (RFC 2131) Deliver host-specific configuration parameters from DHCP server to host.

DHCP (RFC 2131) Deliver host-specific configuration parameters from DHCP server to host. Allocate network address to nodes: Automatic allocation: permanent assignment. Dynamic allocation: for a limited period of time. Manual

387 views • 9 slides
ECE 650 Systems Programming & Engineering Spring 2018 Dynamic Host Configuration Protocol

ECE 650 Systems Programming & Engineering Spring 2018 Dynamic Host Configuration Protocol

ECE 650 Systems Programming & Engineering Spring 2018 Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Dynamic Host Configuration Protocol

722 views • 25 slides
Whats new in Virtio 1.1? and surrounding areas Jens Freimann Red Hat FOSDEM 2018 What

Whats new in Virtio 1.1? and surrounding areas Jens Freimann Red Hat FOSDEM 2018 What

Whats new in Virtio 1.1? and surrounding areas Jens Freimann Red Hat FOSDEM 2018 What is Virtio? Easy mechanism to provide virtual devices to guests Disk, net, gpu, ... Standard driver means compatibility across hypervisors

685 views • 27 slides
EXTERIOR: Using A Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and

EXTERIOR: Using A Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and

Overview Our Approach Evaluations Conclusion EXTERIOR: Using A Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and Recovery Yangchun Fu , Zhiqiang Lin Department of Computer Science The University of Texas at Dallas

559 views • 39 slides
Automatic end-host configuration Research Project 1 Sebastian Dabkiewicz System And Network

Automatic end-host configuration Research Project 1 Sebastian Dabkiewicz System And Network

Introduction Zerconf Implementations Test-Environment Results Conclusion Demo Questions Automatic end-host configuration Research Project 1 Sebastian Dabkiewicz System And Network Engineering University of Amsterdam 8th February 2012 1

1.11k views • 29 slides
CERN CMS Project Host / SD Card Configuration Data Access Dave Ojika Alex Madorsky Dr. Darin

CERN CMS Project Host / SD Card Configuration Data Access Dave Ojika Alex Madorsky Dr. Darin

CERN CMS Project Host / SD Card Configuration Data Access Dave Ojika Alex Madorsky Dr. Darin Acosta Dr. Ivan Furic Project Description Design of an FPGA SD card system with support for data communication with host processor over PCIe

539 views • 5 slides
CLOUDBURST A VMware Guest to Host Escape Story Kostya Kortchinsky Immunity, Inc. BlackHat USA

CLOUDBURST A VMware Guest to Host Escape Story Kostya Kortchinsky Immunity, Inc. BlackHat USA

CLOUDBURST A VMware Guest to Host Escape Story Kostya Kortchinsky Immunity, Inc. BlackHat USA 2009, Las Vegas 06/29/09 1 Introduction 06/29/09 2 VMware Architecture VMware Architecture Devices are emulated on the Host 06/29/09 3 Why

1.11k views • 48 slides
BootP and DHCP Flexible and Scalable Host Configuration 2005/03/11 (C) Herbert Haas

BootP and DHCP Flexible and Scalable Host Configuration 2005/03/11 (C) Herbert Haas

BootP and DHCP Flexible and Scalable Host Configuration 2005/03/11 (C) Herbert Haas Shortcomings of RARP Reverse Address Resolution Protocol Only IP Address distribution No subnet mask Using hardware address for identification

443 views • 29 slides
CA CAME MELab ab Motivation Host NAND Flash density (pages / block) Delay More GC overhead

CA CAME MELab ab Motivation Host NAND Flash density (pages / block) Delay More GC overhead

Platform-Agnostic Lightweight Deep Learning for Garbage Collection Scheduling in SSDs Junhyeok Jang, Donghyun Gouk, Jinwoo Shin, Myoungsoo Jung Computer Architecture and Memory systems Laboratory CA CAME MELab ab Motivation Host NAND

1.06k views • 11 slides
Configuration management Configuration management Configuration management Configuration

Configuration management Configuration management Configuration management Configuration

Configuration management Configuration management Configuration management Configuration management Configuration management Field of management that focuses on establishing and maintaining consistency of a systems attributes

647 views • 6 slides
methods methods to to Hos Host-gues guest t supr supramolecular amolecular chemistr

methods methods to to Hos Host-gues guest t supr supramolecular amolecular chemistr

Applica pplications tions of of molecular molecular modeling modeling methods methods to to Hos Host-gues guest t supr supramolecular amolecular chemistr hemistry y FakhrEldin O. Suliman College of Science, Department of Chemistry

1.05k views • 59 slides
Virtio 1 - why do it? And - are we there yet? 2015 Michael S. Tsirkin Red Hat Uses material

Virtio 1 - why do it? And - are we there yet? 2015 Michael S. Tsirkin Red Hat Uses material

Virtio 1 - why do it? And - are we there yet? 2015 Michael S. Tsirkin Red Hat Uses material from https://lwn.net/Kernel/LDD3/ Gcompris, tuxpaint 1 Distributed under the Creative commons license. Lots of work ... main-title 300 250

1.02k views • 63 slides
MOBILE COMPUTING CSE 40814/60814 Fall 2015 Dynamic Host Configuration Protocol Application

MOBILE COMPUTING CSE 40814/60814 Fall 2015 Dynamic Host Configuration Protocol Application

11/15/15 MOBILE COMPUTING CSE 40814/60814 Fall 2015 Dynamic Host Configuration Protocol Application simplification of installation and maintenance of networked computers supplies systems with all necessary information, such as IP

421 views • 28 slides
VGA passthrough in Xen Author: Y. Schaeffer Supervisor: M. Mobach Concept Only host OS has

VGA passthrough in Xen Author: Y. Schaeffer Supervisor: M. Mobach Concept Only host OS has

VGA passthrough in Xen Author: Y. Schaeffer Supervisor: M. Mobach Concept Only host OS has direct hardware access Guest OS has virtualized hardware Xen has no notion of devices Hardware accelerated guest PCI passthrough

353 views • 8 slides
How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

5/15/2012 How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been tremendously successful From Architecture to Network Has sustained tremendous growth g Supports very diverse set of applications

484 views • 10 slides
Nested queries Subqueries in SELECT SELECT DISTINCT C.cname, (SELECT count(*) FROM Product P

Nested queries Subqueries in SELECT SELECT DISTINCT C.cname, (SELECT count(*) FROM Product P

Nested queries Subqueries in SELECT SELECT DISTINCT C.cname, (SELECT count(*) FROM Product P WHERE P.cid=C.cid) FROM Company C Subqueries in FROM SELECT X.pname FROM (SELECT * FROM Product AS Y WHERE price > 20) as X WHERE X.price <

599 views • 6 slides
The CFPBs Enforcement Process Ori Lev olev@mayerbrown.com Rebecca Lobenherz

The CFPBs Enforcement Process Ori Lev olev@mayerbrown.com Rebecca Lobenherz

The CFPBs Enforcement Process Ori Lev olev@mayerbrown.com Rebecca Lobenherz rlobenherz@mayerbrown.com September 2016 Richard Rosenfeld rrosenfeld@mayerbrown.com OVERVIEW Consumer Finance Monthly Breakfast Briefing 2 1 CFPB Enforcement

249 views • 12 slides
Lecture 3: Advanced SQL 1 / 64 Advanced SQL Relational Language Relational Language User

Lecture 3: Advanced SQL 1 / 64 Advanced SQL Relational Language Relational Language User

Advanced SQL Lecture 3: Advanced SQL 1 / 64 Advanced SQL Relational Language Relational Language User only needs to specify the answer that they want, not how to compute it. The DBMS is responsible for e ffi cient evaluation of the

1.25k views • 65 slides
Translating Web Data Ronald Fagin, Mauricio A. Hernandez, Lucian Popa, IBM Almaden Research

Translating Web Data Ronald Fagin, Mauricio A. Hernandez, Lucian Popa, IBM Almaden Research

Translating Web Data Ronald Fagin, Mauricio A. Hernandez, Lucian Popa, IBM Almaden Research Center Renee. J. Miller, Yannis Velegrakis (speaker) University of Toronto 1 Our Motivation We address the problem of data translation

687 views • 17 slides
Vitess, k8s & sharding Sugu Sougoumarane, Co-creator CTO, PlanetScale @vitessio What is

Vitess, k8s & sharding Sugu Sougoumarane, Co-creator CTO, PlanetScale @vitessio What is

Vitess, k8s & sharding Sugu Sougoumarane, Co-creator CTO, PlanetScale @vitessio What is Vitess Sharding middleware for MySQL Massively scalable HA Cloud-native Vitess stats Marquee adopters Started 2010 100+

629 views • 23 slides
Local System Security via SSHD Instrumenta5on Sco6 Campbell

Local System Security via SSHD Instrumenta5on Sco6 Campbell

Local System Security via SSHD Instrumenta5on Sco6 Campbell NERSC, Lawrence Berkeley Na5onal Lab Presenta5on Outline Problem overview Wants and worries

522 views • 26 slides
Minimum Caterpillar Trees and Ring-Stars: a branch-and-cut algorithm Luidi G. Simonetti Yuri A.

Minimum Caterpillar Trees and Ring-Stars: a branch-and-cut algorithm Luidi G. Simonetti Yuri A.

Minimum Caterpillar Trees and Ring-Stars: a branch-and-cut algorithm Luidi G. Simonetti Yuri A. M. Frota Cid C. de Souza Institute of Computing University of Campinas Brazil Aussois, January 2010 Cid de Souza (IC) MCSP Aussois, January

801 views • 49 slides

More recommend