Last week was a great week for our community. We had the Xen Developer Meeting, XenSummit and a presence at Linux Plumbers Conference, LinuxCon and CloudOpen. It has been a very busy week, and I apologize for not reporting back to you earlier. We have uploaded most XenSummit presentations to slideshare.net (the only ones missing are those the presenters have not sent me yet) and I started converting and uploading the first videos on vimeo.com. It will take some time to edit and upload the videos, so please bear with us. Later, I will embed the presentations and videos into the agenda.
First I wanted to thank all speakers and attendees who helped make XenSummit a success. So far, we have had only great feedback. The sessions were well attended and generally very interactive. The main criticism I have received was that there was too much good content and that some attendees could not see everything. That is a nice problem to have. Also, I was approached by many attendees suggesting that we should consider holding next year’s summit in Europe. Message received: I am looking at options at the moment.
As I have not been able to see all presentations, I will cover some of my personal highlights. Before I go there though, I did want to point out the Xen 4.3 Roadmap presentation, the Xen and BSD Roadmap presentation, the PVOPS presentation and the XCP Update presentation. Generally I was very excited to see the level of innovation that is happening on Xen today: we have not seen so much innovation for some time.
Xen Paravirtualisation in HVM Containers
One of the innovations with huge potential for Xen is the new PVH virtualization mode. Xen traditionally supports two virtualization modes: Paravirtualisation (PV) and Hardware Assisted Virtualization, or HVM in Xen terminology. Both techniques have different trade-offs in terms of code complexity, maintainability and performance. HVM tends to have high performance overheads for I/O due to high CPU overheads when emulating I/O devices: these have been addressed in Xen through the PV-on-HVM mode (or PVHVM) and through the use of virtio drivers in KVM.
A new approach has been developed by Mukesh Rathor from Oracle, called PV in HVM Containers (or PVH), which is currently being upstreamed to Linux PVOPS and the Xen Hypervisor. PVH promises the best combination of PV and HVM in terms of code complexity, maintainability and performance. The PVH prototype is likely to give us the fastest possible combination of PV and HVM (i.e. where PV is best, you will get PV performance and where HVM is best, you will get HVM performance). The need for emulating devices and instructions is entirely removed. The Dom0 operating system runs in ring 0, which vastly improves the performance of the interface between the hypervisor and Dom0. PVH mainly executes HVM code paths in Xen and the Linux kernel: this will enable the Xen community to simplify its architecture in the future. The really good news is that PVH is likely to be one of the Xen 4.3 headline features too.
Performance, Power, Nested Virtualization, …
As usual at XenSummits, we had many talks on improving performance, on new features (e.g. Nested Virtualization developed by Intel), on improving power efficiency and many more.
Xen for ARM based Servers
Another presentation which impressed me was Stefano Stabellini’s update on Xen on the Cortex A15 ARM processor. Stefano outlined the design goals behind the Xen ARM port: exploit the hardware as much as possible, follow a simple architecture based on PVH (no PVOPS, PV interfaces for I/O, hardware for everything else) and re-architect Xen for the modern age (no emulation/QEMU, no compatibility code, no shadow page tables). All design goals have been met so far. This is another example of the power of the PVH approach.
Again, Xen for ARM servers provides the simplest and cleanest possible architecture with the best performance trade-offs. In particular, the implementation does not need ARM-on-ARM emulation, unlike the emerging KVM port for ARM. ARM-on-ARM emulation is less performance efficient than x86-on-x86 emulation, which should give Xen on ARM a distinctive performance benefit compared to KVM on ARM.
A prototype is available in xen-unstable with most patches upstreamed to xen-devel as well as the Linux Kernel. Xen and Dom0 are booting, VMs can be created and destroyed and PV console, disk and networking are working.
On a related note, there was also a great panel on the potential of ARM based servers. And Yonghong Song from Broadcom walked us through the architecture and design decisions behind their Xen MIPS port. It is great to see that Xen is being ported to new architectures.
Products that make use of advanced Xen Security Features
Another great thing to see was how advanced Xen security features are and will be used in different products. The XenServer and XCP team shared how they will bring disaggregation to the server world using the “Windsor” architecture. The XenClient team described the XenClient XT security architecture. Also this week, Qubes OS 1.0 was released, which also builds on top of Xen. If you want to know more about the Qubes OS security architecture, check out chapter 3 of the architecture spec. The different ways in which secure systems can be built on top of Xen show how versatile Xen is as a platform.
The absolute highlight on the Security front was Ian Pratt’s presentation and demo of µ-Xen. Even though the talk was scheduled for the end of the day (just before the party), attendees stayed on for almost an hour asking questions.
Case Studies
Of course there were many case studies and user stories again. As this blog post is already very long, I wanted to highlight Chris Behrens’ talk on Scaling Xen within Rackspace Cloud Servers. It is great that our big users such as AWS, Google and Amazon have shared how they use Xen at the last few XenSummits.