DOCSLIB.ORG

Ovirt Intro & Architecture

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Ovirt Intro & Architecture oVirt Intro & Architecture Barak Azulay Manager @ RHEV Engineering Red Hat June 2012 1 Virtualization Management the oVirt way What is oVirt? Large scale, centralized management for server and desktop virtualization Based on leading performance, scalability and security infrastructure technologies Provide an open source alternative to vCenter/vSphere Focus on KVM for best integration/performance Focus on ease of use/deployment 2 Virtualization Management the oVirt way How Does It Look? 3 Virtualization Management the oVirt way Competitive Landscape ● InfoWorld “shootout” 2011 – Independent analysis of leading virtualization platforms – 2nd place in management functionality http://bit.ly/virtshootout 4 Virtualization Management the oVirt way Goals of the oVirt project ● Build a community around all levels of the virtualization stack – hypervisor, manager, GUI, API, etc. ● To deliver both a cohesive complete stack and discretely reusable components for open virtualization management ● Provide a release of the project on a well defined schedule ● Focus on management of the KVM hypervisor, with exceptional guest support beyond Linux ● Provide a venue for user and developer communication and coordination 5 Virtualization Management the oVirt way Governance ● Merit based, open governance model ● Built using the best concepts taken from Apache and Eclipse Foundations ● Governance split between board and projects ● oVirt Board ● Multiple projects under the oVirt brand 6 Virtualization Management the oVirt way Governance (oVirt Board) ● Initial board ● Red Hat, IBM, NetApp, Cisco, SUSE, Intel ● A few domain leaders from sub-projects ● Mentors ● There is no limit to the number of board seats ● Additional seats are voted based on merit 7 Virtualization Management the oVirt way Kenrel-based Virtual Machine (KVM) ● Included in Linux kernel since 2006 ● Runs Linux, Windows and other operating system guests ● Advanced features ● Live migration ● Memory page sharing ● Thin provisioning ● PCI Pass-through ● KVM architecture provides high “feature-velocity” – leverages the power of Linux 8 Virtualization Management the oVirt way Linux as a Hypervisor? ● What makes up a hypervisor ? ● Hardware management ● Device drivers ● I/O Stack ● Resource Management ● Scheduling ● Access Control ● Power Management ● Memory Manager ● Device Model (emulation) ● Virtual Machine Monitor 9 Virtualization Management the oVirt way Linux as a Hypervisor? ● What makes up a hypervisor ? ● Hardware management ● Device drivers ● I/O Stack ● Resource Management Operating System Kernel ● Scheduling ● Access Control ● Power Management ● } Memory Manager ● Device Model (emulation) ● Virtual Machine Monitor 10 Virtualization Management the oVirt way Linux as a Hypervisor? How well does Linux perform as a hypervisor? Isn't Linux a general purpose operating system? Linux is architected to scale from the smallest embedded systems through to the largest multi-socket servers ● From cell phones through to mainframes KVM benefits from mature, time tested infrastructure ● Powerful, scalable memory manager ● Robust security infrastructure ● High performance network stack ● Versatile storage infrastructure – iSCSI, FC, NAS, multipath, etc ● Rich ecosystem of supported hardware systems 11 Virtualization Management the oVirt way Linux as a Hypervisor? How well does Linux perform as a hypervisor? Isn't Linux a general purpose operating system? Over the last 4 years features have been added to Linux to provide a better infrastructure for a hypervisor ● Scheduler enhancements Improved scalability and reduced latency ● Enhancements to memory manager Advanced features such as memory page sharing and compression ● Improvements to Block I/O subsystem ● Better performance, automated alignment, etc 12 Virtualization Management the oVirt way Red Hat Enterprise Virtualization Performance and Scalability SPECvirt_sc2010 Vendor neutral virtualizaztion benchmarks Comprised of application specific benchmarks running inside “tiles” Each tile runs 6 virtual machines ● Application Server ● Database Server ● Mail Server ● Web Server ● Infrastructure Server ● Idle Server Each VM runs a benchmark, eg SpecWeb, SPECjAppServer,SPECmail and must meet specifi 13 Virtualization Management the oVirt way Red Hat Enterprise Virtualization Performance and Scalability SPECvirt_sc2010 KVM leads the pack in 2, 4, 8 socket systems for SPECvirt Including the largest benchmark results with over 400 Vms Score : 7067 @ 432 VMs (72 tiles) Processor: Intel Xeon E7-4870 (80 cores, 8 chips, 10 cores/chip, 2 threads/core) Memory: 2 TB (128 x 16 GB, Quad Rank x4 PC3-8500 CL7 ECC DDR3 1066MHz LP RDIMM) http://www.spec.org/virt_sc2010/ 14 Virtualization Management the oVirt way Security oVirt inherits the security features of Linux SELinux security policy infrastructure Provides protection and isolation for virtual machines and host Compromised virtual machine cannot access other VMs or host sVirt Project Sub-project of NSA's SELinux community. Provides “hardened” hypervisors Multilevel security. Isolate guests Contain any hypervisor breaches 15 Virtualization Management the oVirt way oVirt Node ● Standalone hypervisor ● Small footprint < 100MB ● Customized 'spin' of Fedora + KVM ● 'Just enough' Fedora to run virtual machines ● Runs on all RHEL hardware with Intel VT/AMD-V CPUs ● Easy to install, configure and upgrade ● PXE boot, USB boot, CD or Hard drive 16 Virtualization Management the oVirt way oVirt Node vs. Full Host oVirt Node • Less than 100 MB • Pre-configured, no Linux skills needed. Full Host • Flexible • Add monitoring agents, scripts etc. Leverage existing Fedora infrastructure. • Hybrid mode capable 17 Virtualization Management the oVirt way How to Start? ● Build from source ● Or, just install pre-packaged ● yum install ovirt-engine ● ./ovirt-setup ● Add managed hosts ● from engine ● use ovirt-node registr/approve flow 18 Virtualization Management the oVirt way Administration Console 19 Virtualization Management the oVirt way Search Auto Complete 20 Virtualization Management the oVirt way Search Auto Complete 21 Virtualization Management the oVirt way Search Results 22 Virtualization Management the oVirt way Add Host As Simple As 23 Virtualization Management the oVirt way Power Management 24 Virtualization Management the oVirt way Configure Networks 25 Virtualization Management the oVirt way Or Bonds 26 Virtualization Management the oVirt way Without Scripts or Config Files 27 Virtualization Management the oVirt way Configure Storage Once for Entire Cluster 28 Virtualization Management the oVirt way Extend with More LUNs as Needed 29 Virtualization Management the oVirt way Add Servers or Desktops 30 Virtualization Management the oVirt way Even Windows via Sysprep 31 Virtualization Management the oVirt way SPICE or VNC 32 Virtualization Management the oVirt way Migratable or Not 33 Virtualization Management the oVirt way Highly Available? 34 Virtualization Management the oVirt way Control Allocated Resources (Disk, Memory) 35 Virtualization Management the oVirt way Boot Devices 36 Virtualization Management the oVirt way Advanced Options via Custom Properties 37 Virtualization Management the oVirt way Assign Permissions to Objects by Roles 38 Virtualization Management the oVirt way Define Your Own Roles 39 Virtualization Management the oVirt way User Portal 40 Virtualization Management the oVirt way Self Provisioning Portal 41 Virtualization Management the oVirt way User Resource View 42 Virtualization Management the oVirt way Management Features Feature Description High Availability Restart guest VMs from failed hosts automatically on other hosts Live Migration Move running VM between hosts with zero downtime System Scheduler Continuously load balance VMs based on resource usage/policies Power Saver Concentrate virtual machines on fewer servers during off-peak hours No downtime for virtual machines during planned maintenance windows. Maintenance Manager Hypervisor patching Image Management Template based provisioning, thin provisioning and snapshots Monitoring & Reporting For all objects in system – VM guests, hosts, networking, storage etc. OVF Import/Export Import and export VMs and templates using OVF files V2V Convert VMs from VMware and RHEL/Xen to oVirt 43 Virtualization Management the oVirt way High Availability • Build a highly available enterprise infrastructure • Continually monitor host systems and virtual machines • Automatically restart virtual machines in case of host failure ● Restart virtual machine on another node in the cluster • Use live migration to “fail-back” a VM to it's original host when the server is restored 44 Virtualization Management the oVirt way Live Migration • Dynamically move virtual machines between hosts ● No service interruption ● Applications continue to run • Migrate even I/O intensive workloads such as databases • Perform hardware maintenance without application downtime • Dynamically balance workloads between host systems 45 Virtualization Management the oVirt way System Scheduler • Dynamically balance workloads in the data center. • Automatically live migrate virtual machines based on resources • Define custom policies for distribution of virtual machines Maintain consistent resource usage across the enterprise data center 46 Virtualization Management the oVirt way Power Saver Define policies to optimize workload on a fewer number of servers during “off- peak” hours 47 Virtualization Management the oVirt way Management Features Feature Description High Availability Restart
Load more

Recommended publications
  • Effective Virtual CPU Configuration with QEMU and Libvirt
    Effective Virtual CPU Configuration with QEMU and libvirt Kashyap Chamarthy <[email protected]> Open Source Summit Edinburgh, 2018 1 / 38 Timeline of recent CPU flaws, 2018 (a) Jan 03 • Spectre v1: Bounds Check Bypass Jan 03 • Spectre v2: Branch Target Injection Jan 03 • Meltdown: Rogue Data Cache Load May 21 • Spectre-NG: Speculative Store Bypass Jun 21 • TLBleed: Side-channel attack over shared TLBs 2 / 38 Timeline of recent CPU flaws, 2018 (b) Jun 29 • NetSpectre: Side-channel attack over local network Jul 10 • Spectre-NG: Bounds Check Bypass Store Aug 14 • L1TF: "L1 Terminal Fault" ... • ? 3 / 38 Related talks in the ‘References’ section Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications What this talk is not about 4 / 38 Related talks in the ‘References’ section What this talk is not about Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications 4 / 38 What this talk is not about Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications Related talks in the ‘References’ section 4 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) libvirtd QMP QMP QEMU QEMU VM1 VM2 Custom Disk1 Disk2 Appliance ioctl() KVM-based virtualization components Linux with KVM 5 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) libvirtd QMP QMP Custom Appliance KVM-based virtualization components QEMU QEMU VM1 VM2 Disk1 Disk2 ioctl() Linux with KVM 5 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) Custom Appliance KVM-based virtualization components libvirtd QMP QMP QEMU QEMU VM1 VM2 Disk1 Disk2 ioctl() Linux with KVM 5 / 38 libguestfs (guestfish) Custom Appliance KVM-based virtualization components OpenStack, et al.
    [Show full text]
  • Industrial Control Via Application Containers: Migrating from Bare-Metal to IAAS
    Industrial Control via Application Containers: Migrating from Bare-Metal to IAAS Florian Hofer, Student Member, IEEE Martin A. Sehr Antonio Iannopollo, Member, IEEE Faculty of Computer Science Corporate Technology EECS Department Free University of Bolzano-Bozen Siemens Corporation University of California Bolzano, Italy Berkeley, CA 94704, USA Berkeley, CA 94720, USA fl[email protected] [email protected] [email protected] Ines Ugalde Alberto Sangiovanni-Vincentelli, Fellow, IEEE Barbara Russo Corporate Technology EECS Department Faculty of Computer Science Siemens Corporation University of California Free University of Bolzano-Bozen Berkeley, CA 94704, USA Berkeley, CA 94720, USA Bolzano, Italy [email protected] [email protected] [email protected] Abstract—We explore the challenges and opportunities of control design full authority over the environment in which shifting industrial control software from dedicated hardware to its software will run, it is not straightforward to determine bare-metal servers or cloud computing platforms using off the under what conditions the software can be executed on cloud shelf technologies. In particular, we demonstrate that executing time-critical applications on cloud platforms is viable based on computing platforms due to resource virtualization. Yet, we a series of dedicated latency tests targeting relevant real-time believe that the principles of Industry 4.0 present a unique configurations. opportunity to explore complementing traditional automation Index Terms—Industrial Control Systems, Real-Time, IAAS, components with a novel control architecture [3]. Containers, Determinism We believe that modern virtualization techniques such as application containerization [3]–[5] are essential for adequate I. INTRODUCTION utilization of cloud computing resources in industrial con- Emerging technologies such as the Internet of Things and trol systems.
    [Show full text]
  • Open Virtualization Infrastructure for Large Telco: How Turkcell Adopted Ovirt for Its Test and Development Environments
    Open Virtualization Infrastructure for large Telco: How Turkcell adopted oVirt for its test and development environments DEVRIM YILMAZ SAYGIN BAKTIR Senior Expert Cloud Engineer Cloud Systems Administrator 09/2020 This presentation is licensed under a Creative Commons Attribution 4.0 International License About Turkcell ● Turkcell is a digital operator headquartered in Turkey ● Turkcell Group companies operate in 5 countries – Turkey, Ukraine, Belarus, Northern Cyprus, Germany ● Turkcell is the only NYSE-listed company in Turkey. ● www.turkcell.com.tr 3 Business Objectives ● Alternative solutions compatible with Turkcell operational and security standards ● Dissemination of open source infrastructure technologies within the company ● Competitive infrastructure with cost advantage 3 The journey of oVirt 4 The Journey of oVirt 3. Step three 1. Research & 2. Go-Live 3. Go-Live 4. Private Cloud 5. Go-Live Development Phase-1 Phase-2 Automation RHV 5 Research & Development ● Motivation Factors ○ Cost 1. Research & ○ Participation Development ○ Regulation ○ Independence ○ Expertise ● Risk Factors ○ Security ○ Quality ○ Compliance ○ Support ○ Worst Practices 6 Research & Development ● Why oVirt? ○ Open Source licensing 1. Research & ○ Community contribution Development ○ The same roadmap with commercial product ○ Support via subscription if required ○ Adequate features for enterprise management ○ Rest API support 6 Research & Development ● Difficulties for new infra solution ○ Integration with current infrastructure 1. Research & - Centralized Management Development - Certified/Licensed Solutions - Integration Cost ○ Incident & Problem Management - 3rd Party Support - Support with SLA ○ Acquired Habits - Customer Expectations - Quality of IT Infrastructure Services 6 Research & Development ● What we achieved ○ Building of PoC environment 1. Research & ○ V2V Migration Development ○ Upgrade Tests starting with v.4.3.2 ○ Functional Tests ○ Backup Alternative Solutions 6 Go-Live Phase-1 ● Phase-1 contains : ○ Building of new oVirt platform with unused h/w 2.
    [Show full text]
  • A Virtual Machine Environment for Real Time Systems Laboratories
    AC 2007-904: A VIRTUAL MACHINE ENVIRONMENT FOR REAL-TIME SYSTEMS LABORATORIES Mukul Shirvaikar, University of Texas-Tyler MUKUL SHIRVAIKAR received the Ph.D. degree in Electrical and Computer Engineering from the University of Tennessee in 1993. He is currently an Associate Professor of Electrical Engineering at the University of Texas at Tyler. He has also held positions at Texas Instruments and the University of West Florida. His research interests include real-time imaging, embedded systems, pattern recognition, and dual-core processor architectures. At the University of Texas he has started a new real-time systems lab using dual-core processor technology. He is also the principal investigator for the “Back-To-Basics” project aimed at engineering student retention. Nikhil Satyala, University of Texas-Tyler NIKHIL SATYALA received the Bachelors degree in Electronics and Communication Engineering from the Jawaharlal Nehru Technological University (JNTU), India in 2004. He is currently pursuing his Masters degree at the University of Texas at Tyler, while working as a research assistant. His research interests include embedded systems, dual-core processor architectures and microprocessors. Page 12.152.1 Page © American Society for Engineering Education, 2007 A Virtual Machine Environment for Real Time Systems Laboratories Abstract The goal of this project was to build a superior environment for a real time system laboratory that would allow users to run Windows and Linux embedded application development tools concurrently on a single computer. These requirements were dictated by real-time system applications which are increasingly being implemented on asymmetric dual-core processors running different operating systems. A real time systems laboratory curriculum based on dual- core architectures has been presented in this forum in the past.2 It was designed for a senior elective course in real time systems at the University of Texas at Tyler that combines lectures along with an integrated lab.
    [Show full text]
  • GPU Virtualization on Vmware's Hosted I/O Architecture
    GPU Virtualization on VMware’s Hosted I/O Architecture Micah Dowty, Jeremy Sugerman VMware, Inc. 3401 Hillview Ave, Palo Alto, CA 94304 [email protected], [email protected] Abstract more computational performance than CPUs. At the Modern graphics co-processors (GPUs) can produce same time, GPU acceleration has extended beyond en- high fidelity images several orders of magnitude faster tertainment (e.g., games and video) into the basic win- than general purpose CPUs, and this performance expec- dowing systems of recent operating systems and is start- tation is rapidly becoming ubiquitous in personal com- ing to be applied to non-graphical high-performance ap- puters. Despite this, GPU virtualization is a nascent field plications including protein folding, financial modeling, of research. This paper introduces a taxonomy of strate- and medical image processing. The rise in applications gies for GPU virtualization and describes in detail the that exploit, or even assume, GPU acceleration makes specific GPU virtualization architecture developed for it increasingly important to expose the physical graph- VMware’s hosted products (VMware Workstation and ics hardware in virtualized environments. Additionally, VMware Fusion). virtual desktop infrastructure (VDI) initiatives have led We analyze the performance of our GPU virtualiza- many enterprises to try to simplify their desktop man- tion with a combination of applications and microbench- agement by delivering VMs to their users. Graphics vir- marks. We also compare against software rendering, the tualization is extremely important to a user whose pri- GPU virtualization in Parallels Desktop 3.0, and the na- mary desktop runs inside a VM. tive GPU. We find that taking advantage of hardware GPUs pose a unique challenge in the field of virtu- acceleration significantly closes the gap between pure alization.
    [Show full text]
  • KVM Based Virtualization and Remote Management Srinath Reddy Pasunuru St
    St. Cloud State University theRepository at St. Cloud State Culminating Projects in Information Assurance Department of Information Systems 5-2018 KVM Based Virtualization and Remote Management Srinath Reddy Pasunuru St. Cloud State University, [email protected] Follow this and additional works at: https://repository.stcloudstate.edu/msia_etds Recommended Citation Pasunuru, Srinath Reddy, "KVM Based Virtualization and Remote Management" (2018). Culminating Projects in Information Assurance. 53. https://repository.stcloudstate.edu/msia_etds/53 This Starred Paper is brought to you for free and open access by the Department of Information Systems at theRepository at St. Cloud State. It has been accepted for inclusion in Culminating Projects in Information Assurance by an authorized administrator of theRepository at St. Cloud State. For more information, please contact [email protected]. 1 KVM Based Virtualization and Remote Management by Srinath Reddy Pasunuru A Starred Paper Submitted to the Graduate Faculty of St. Cloud State University in Partial Fulfillment of the Requirements for the Degree Master of Science in Information Assurance May, 2018 Starred Paper Committee Susantha Herath, Chairperson Ezzat Kirmani Sneh Kalia 2 Abstract In the recent past, cloud computing is the most significant shifts and Kernel Virtual Machine (KVM) is the most commonly deployed hypervisor which are used in the IaaS layer of the cloud computing systems. The Hypervisor is the one which provides the complete virtualization environment which will intend to virtualize as much as hardware and systems which will include the CPUs, Memory, network interfaces and so on. Because of the virtualization technologies such as the KVM and others such as ESXi, there has been a significant decrease in the usage if the resources and decrease in the costs involved.
    [Show full text]
  • VDI with UDS Enterprise and Microsoft Hyper-V
    UDS Enterprise VDI with UDS Enterprise & Microsoft Hyper-V www.udsenterprise.com About UDS Enterprise UDS Enterprise functionalities UDS Enterprise is a multiplatform connection broker . Scalable platform. It supports configurations for: in high availability by deploying several UDS Enterprise brokers in cluster . VDI: Windows and Linux virtual desktops . Unlimited number of configurations thanks to administration and deployment its additional module management system . Windows and Linux app virtualization and the definition of configuration variables . Desktop services consolidation on two levels: . Remote access to physical and virtual devices o Definition of configuration variables at system level UDS Enterprise is ideal for managing workstations o Definition of independent module because, among other functions, it allows you to configuration variables perform the following tasks: . Virtual desktop cache system in two levels for fast connection . Manage the life cycle of the endpoint . Administer and manage Windows and Linux . Management of unlimited services (Microsoft virtual desktops, virtualized applications and Hyper-V, Microsoft Azure, VMware vSphere, IP services deployed on different platforms Nutanix Acropolis, OpenNebula, OpenStack, from a single console Proxmox, oVirt, Terminal Server…) . Connect users and user groups of different . Unlimited user and device authentication authentication systems at the same time with systems (AD, Microsoft Azure Active virtual desktops and different IP services Directory, eDirectory, LDAP, SAML, internal . Connect users with remote desktop services by enabling one or more connection authentication system, authentication by IP) protocols at the same time . Log visualization system and system . Define policies for the use of deployed virtual statistics desktops or other resources . Deployment of virtual desktops in multiple . Deploy template-based virtual desktops hypervisors at the same time and managed .
    [Show full text]
  • Model to Implement Virtual Computing Labs Via Cloud Computing Services
    S S symmetry Article Model to Implement Virtual Computing Labs via Cloud Computing Services Washington Luna Encalada 1,2,* ID and José Luis Castillo Sequera 3 ID 1 Department of Informatics and Electronics, Polytechnic School of Chimborazo, Riobamba 060155, EC, Ecuador 2 Department of Doctorate in Systems Engineering and Computer Science, National University of San Marcos, Lima 15081, Peru; [email protected] 3 Department of Computer Sciences, Higher Polytechnic School, University of Alcala, 28871 Alcala de Henares, Spain; [email protected] * Correspondence: [email protected]; Tel.: +593-032-969-472 Academic Editor: Yunsick Sung Received: 1 May 2017; Accepted: 3 July 2017; Published: 13 July 2017 Abstract: In recent years, we have seen a significant number of new technological ideas appearing in literature discussing the future of education. For example, E-learning, cloud computing, social networking, virtual laboratories, virtual realities, virtual worlds, massive open online courses (MOOCs), and bring your own device (BYOD) are all new concepts of immersive and global education that have emerged in educational literature. One of the greatest challenges presented to e-learning solutions is the reproduction of the benefits of an educational institution’s physical laboratory. For a university without a computing lab, to obtain hands-on IT training with software, operating systems, networks, servers, storage, and cloud computing similar to that which could be received on a university campus computing lab, it is necessary to use a combination of technological tools. Such teaching tools must promote the transmission of knowledge, encourage interaction and collaboration, and ensure students obtain valuable hands-on experience.
    [Show full text]
  • Demystifying Desktop Virtualization
    Proceedings of the 9th WSEAS International Conference on APPLIED COMPUTER SCIENCE Demystifying desktop virtualization TOMISLAV PETROVIĆ Vetropack Straža d.d. Hum na Sutli Hum na Sutli 203, 49231 Hum na Sutli CROATIA [email protected] http://www.vetropack.hr KREŠIMIR FERTALJ University of Zagreb Faculty of Electrical Engineering and Computing, Unska 3 CROATIA [email protected] http://www.fer.hr Abstract: - This paper presents concepts of virtualization techniques. Both server virtualization and desktop virtualization are briefly presented, but desktop virtualization is discussed in more details. As the size of computer systems grows every day with new applications, and with new client and market requirements, it is obvious that something must be done to ease the administration and effectively secure data. Additionally, disaster recovery plans must be improved too. Virtualization has solved many of these requirements and has become more and more popular so that many companies decided to implement a virtual server, virtual storage or/and virtual desktops. The paper lists the reasons why to implement virtual desktops and servers and what are the main benefits of such implementations. Virtual environments the also have some downsides, which are presented, explained and compared to the advantages. Key-Words: - desktop virtualization, virtual machine, infrastructure client, connection manager, thin client 1 Introduction access, etc. Manual administration of many separate computers is In this paper we describe the concept of virtualization, hard, tedious and time consuming job. A variety of use of desktop virtualization within leading companies, choices exists for installing and reinstalling of different discuss reasons for its usage and give main advantages, software and hardware by a user at a local computer.
    [Show full text]
  • Xen on X86, 15 Years Later
    Xen on x86, 15 years later Recent development, future direction QEMU Deprivileging PVShim Panopticon Large guests (288 vcpus) NVDIMM PVH Guests PVCalls VM Introspection / Memaccess PV IOMMU ACPI Memory Hotplug PVH dom0 Posted Interrupts KConfig Sub-page protection Hypervisor Multiplexing Talk approach • Highlight some key features • Recently finished • In progress • Cool Idea: Should be possible, nobody committed to working on it yet • Highlight how these work together to create interesting theme • PVH (with PVH dom0) • KConfig • … to disable PV • PVshim • Windows in PVH PVH: Finally here • Full PVH DomU support in Xen 4.10, Linux 4.15 • First backwards-compatibility hack • Experimental PVH Dom0 support in Xen 4.11 PVH: What is it? • Next-generation paravirtualization mode • Takes advantage of hardware virtualization support • No need for emulated BIOS or emulated devices • Lower performance overhead than PV • Lower memory overhead than HVM • More secure than either PV or HVM mode • PVH (with PVH dom0) • KConfig • … to disable PV • PVshim • Windows in PVH KConfig • KConfig for Xen allows… • Users to produce smaller / more secure binaries • Makes it easier to merge experimental functionality • KConfig option to disable PV entirely • PVH • KConfig • … to disable PV • PVshim • Windows in PVH PVShim • Some older kernels can only run in PV mode • Expect to run in ring 1, ask a hypervisor PV-only kernel (ring 1) to perform privileged actions “Shim” Hypervisor (ring 0) • “Shim”: A build of Xen designed to allow an unmodified PV guest to run in PVH mode
    [Show full text]
  • Ovirt Architecture
    oVirt Architecture Itamar Heim Presented here by Dan Kenigsberg [email protected] oVirt Overview 1 Agenda ● oVirt Components ● Engine ● Clients ● Host ● Engine Agent - VDSM ● Guest ● Storage Concepts ● Data Warehouse & Reports ● User flows oVirt Overview 2 Architecture From 30,000 Feet Servers Engine Client oVirt Overview 3 The Real World Web Clients Python SDK DB Python CLI Engine R LDAP E Server S T Guest agent Spice Guest client Shared Storage VDSM Host Local Storage oVirt Overview 4 oVirt Engine VM & Template Life Cycle Load HA create, schedule, snapshot Balancing Storage Configuration & Monitoring Network Configuration & Monitoring Host Host Host Host Register/Install Monitoring Maintenance Fencing Authentication, Authorization Inventory Audit oVirt Overview 5 oVirt Engine Postgres DB Active Directory Engine RHDS R E S IDM T oVirt Overview 6 The Real World Web Clients Python SDK DB Python CLI Engine R LDAP E Server S T Guest agent Spice Guest client Shared Storage VDSM Host Local Storage oVirt Overview 7 The Clients Admin Portal User Portal R Python SDK Engine E S T Python CLI oVirt Overview 8 Admin Portal oVirt Overview 9 User Portal oVirt Overview 10 Power User Portal oVirt Overview 11 REST API oVirt Overview 12 SDK oVirt Overview 13 CLI oVirt Overview 14 The Real World Web Clients Python SDK DB Python CLI Engine R LDAP E Server S T Guest agent Spice Guest client Shared Storage VDSM Host Local Storage oVirt Overview 15 The Host QEMU/KVM Fedora Engine MOM libvirt oVirt Node VDSM KSM Configuration Monitoring : Network, Storage, Host,
    [Show full text]
  • Vnfs in a CNF Environment
    VNFs in a CNF environment Monika Antoniak, Piotr Skamruk CodiLime Agenda ● Who are we? ● Business use case - use existing VNFs in a containerized set-up ● Technical solution to the problem ● Q&A Who we are? Who we are ● CodiLime has been providing networking engineering services since 2011 ● As part of our R&D efforts and based on our expertise with CNFs and VNFs, we have decided to explore this topic further ● Today we are presenting the working example Business use case Business case What if… ● You love the lightness of containers and use them on a daily basis ● You value the flexibility and resilience of the overall solution ● You want a simple way to deploy things ● You enjoy using kubernetes to manage your resources ● ...and you use a business critical network function as a blackbox VM What can you do to get all of that? A step back: VNFs and CNFs VNF (Virtual Network Function): a well- CNF (Containerized Network Function): a known way to realize network functions in new way of providing required network virtualized or cloud environments functionality with the help of containers Software is provided as a VM image that Software is distributed as a container cannot be changed into a container image, image and can be managed using or is based on an operating system other container-management tools (like docker than Linux images in kubernetes env) VNF examples: vFW, vBNG, vEPC CNF examples: vCPE/cCPE, LDAP, DHCP Back to business Goal: a converged setup for running containerized and VM-based network functions ● using a single user interface
    [Show full text]