XS Japan 2008 Project Status English
- 1. Xen Project Overview and Update
Ian Pratt, Chairman of Xen.org, and
Chief Scientist, Citrix Systems Inc.
- 2. Xen Community Story
• 2002 Oct Xen hypervisor development starts
• 2004 Xen 1.0 and 2.0 released, First Xen developer’s summit
• 2005 XenSource founded, Xen 3.0 released
• 2006 CPU enhancements for virtualization ship; Linux distros ship Xen
All x86 OSes “enlightened”: VMware, Microsoft adopt paravirtualization
First XenEnterprise release
Amazon EC2 Launches
• 2007 XenSource acquired by Citrix
• 2008 Xen embedded in Flash on HP/Dell servers
First embedded Xen on laptops
© 2007 Citrix Systems, Inc. — All rights reserved
- 3. Xen Today
• ~17% enterprise server market share (Yankee, Aug 08)
• World's largest virtualization deployments are Xen based
• Community: over 50 Companies, 20 Universities,
from 20 Countries, ~250 developers
• More than 10,000 code submissions since Xen 3.0
• x86, IA64, ARM support
• In Servers, Laptops, Storage & Network Appliances, PDAs
- 4. Xen Powers the World’s IT Infrastructure Clouds
“Xen is great. It’s powerful and easy to use. But most important is the very active community around it. That was a very big reason for us in selecting Xen.”
Werner Vogels
CTO, Amazon.com
- 5. Congratulations, and Thank You!
2008 Winner, Server Virtualization
Best of Open Source Software Awards
- 6. Xen Project Mission
• Build the industry standard open source hypervisor
• Lead the industry in virtualization performance
• Ensure continued stability and high quality in the code base
• Support multiple CPU types; big and small systems
• Foster and sponsor innovation
• Drive toward vendor interoperability and compatibility
- 7. Xen: An Open Reference Standard
Xen
Citrix, Intel, AMD, VA Linux, Fujitsu,
IBM, HP, Unisys, SGI, Samsung, Sun,
Red Hat, Novell, DoD, NSA (over 50
orgs)
- 8. The Xen Project Advisory Board
• Represents major contributors and vendors that offer Xen based
products. Current members:
• Defines and approves the Xen® Trademark Policy
(“What is Xen?”)
• Oversees community code practices and roadmap
- 9. Virtualization Benefits
• Avoid planned downtime with VM Relocation
• Dynamically re-balance workload to meet app SLAs or to save power
- 10. Virtualization Benefits
• Restart-HA monitors hosts and VMs to keep apps running
• Hardware Fault Tolerance with deterministic replay or checkpointing
- 11. Leaders in
OS Enlightenment
Xen Hypervisor
First and Best to
support new
Intel VT & AMD-V, (Also Hyper-V compatib
mart IO & chipset
Technologies
- 12. Unlocking Hardware Innovation
Enhanced Security
• TPM and secure boot (TXT)
• IOMMU to protect device DMA accesses
• Full Execute-Disable (NX/XD)
Hardware Virtualization Support
• Nested Page Tables (VT2/VMI)
• FlexPriority, FlexMigrate
• Smart NICs (e.g. VT-C/VMDq) and HBAs
Multi-core Processors
• More efficient utilization
• Hides complexity from guests
Only a hypervisor can deliver the benefits of the new hardware
- 13. OS Paravirtualization (Enlightenment)
• Extending the OS to be aware it is running in a virtualized
environment
• For performance and enhanced correctness
• IO, memory size, CPU, MMU, time
• In Xen <2.0, some paravirtualizations were compulsory to close x86
virtualization holes
• Intel VT / AMD-V allow incremental paravirtualization
• Paravirtualization is still very important for performance, and works
alongside enhancements to the hardware
• Higher-level paravirtualizations yield greatest benefit
- 14. SPECjbb2005 Comparison
[Chart: RHEL5 guest / SPECjbb2005 Sun JVM. Y-axis: relative score to native. X-axis: 1-vcpu, 2-vcpu, 4-vcpu. Series: Native, ESX 3.0.1, XenEnterprise 3.2]
- 15. w2k3 Terminal Server Concurrent Session test
- 16. Hypervisor Security
• “hidden hypervisor” attack is a myth, but exploitation of an installed
hypervisor is a real and dangerous threat
• Hypervisors add more software and thus increase the attack surface
• Network-facing control stack
• VM containment
• Xen is much smaller and more defensible than an OS
• Xen’s “strength in depth” approach
• Disaggregate, De-privilege, narrow interfaces
• Xen Security Modules from the NSA
• Measured launch: TPM/TXT/SKINIT
- 17. Improving Security with Hypervisors
• Hypervisors allow administrative policy enforcement outside the OS
• Firewalls, IDS, malware scanning etc
• More robust as not so easily disabled
• Provides protection within a network rather than just at borders
• Hardening OSes with immutable memory, taint tracking, logging
and replay
• Backup policy, multi-path IO, HA, FT etc
• Availability and Reliability
• Xen Introspection API project (extending XenAccess library)
- 18. Xen Client : A Hypervisor for Client Devices
• Security, Manageability and Supportability
• Building Multi-level secure systems
• Run multiple guest VMs with very controlled information flow
• Enables Bring-Your-Own-PC model
• Corporate VM; VM for web browsing; VM for banking
• Migration of VMs between datacentre and laptops for offline use
• Seamless merging of VM displays
• “Embedded IT” virtual appliances
• IDS, Malware detection, remote access, backup etc.
• Security requires a true hypervisor architecture
- 19. Xen Client Initiative
• 12 Vendors Collaborating on
architecture and implementation of
Xen client hypervisor
• Security is a key requirement
- 20. From Laptops to Phones
• Smart phones and portable devices
• Xen ARM
• Smart phones now suffer from many of the same problems as PCs
• Simple restricted use cases:
• Three VMs running on one CPU:
• Real time VM for controlling the radio
• VM for vendor/operator-supplied s/w
• VM for user-downloaded software
- 21. Roadmap Current Projects
• XenClient
• Xen Introspection API
• Fault Tolerance
• “Difference Engine” memory optimizations
• Cloud infrastructure services
- 22. Closing Remarks
• Virtualization is destined to become ubiquitous
• Every machine, Every workload
• Built in to the platform
• Client devices as well as servers
• Xen offers the best performance and the most secure architecture
• Xen is powered by a growing community with a diverse range of
products and services