Rump kernel based QEMU stubdomain Wei Liu Seattle { August 17-18, 2015 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Agenda I Background I Introduction to rump kernel I Why rump kernel I What are required for QEMU stubdomain I Status of upstream QEMU stubdomain Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 2 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Background I Feature parity with QEMU traditional I so that we can eventually use QEMU upstream for everything I Most secure option for sandboxing QEMU I But be aware of the downside: extra resources required Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 3 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Introduction to rump kernel Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 4 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Why rump kernel Options we considered: I Roll our own I Linux based I OSv based I Rump kernel based Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 5 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Why rump kernel Roll our own: I Like QEMU traditional stubdom I Require much work to maintain I QEMU upstream changes a lot Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 6 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Why rump kernel Linux based: I Anthony Perard built a prototype I Hard to build I Hard to distribute Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 7 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Why rump kernel OSv based: I Provides toolchain to turn application to VM I No C++ expertise I No PV support (yet) Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 8 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Why rump kernel Rump kernel based: I Provides toolchain to turn application to VM I NetBSD code base I POSIX-y interface I Many NetBSD infrastructures available I Lots of utilities for debugging (with the help of syscall proxy) I PV support Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 9 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective What are required To build a QEMU stubdomain: I Xenbus driver I Privcmd driver I Grant table driver I Tap (and bridge) device I Communication channel between toolstack domain and QEMU Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 10 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective What are required How are they done in QEMU traditional stubdomain I Various drivers: libxc hooked up to mini-os I Tap device: hacked together, dump traffic to vif I Communication: via special consoles Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 11 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective What are required How are they (going to be) done in QEMU upstream stubdomain I Various drivers: rump kernel hooked up to mini-os I Tap (and bridge) device: provided by NetBSD I Communication: libvchan or TCP network Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 12 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Things done so far I All required Xen drivers upstreamed in rump kernel I Bridge and tap drivers enabled I QEMU built as unikernel I Build a bunch of prerequisite libraries I Build QEMU with prerequisite libraries I Able to run with {help and exits Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 13 / 19 Agenda Xen 4.6 timeline Development update Xen 4.6 Retrospective Problems need to be solved I Bootstrap rump kernel to certain state I Network topology setup etc I Currently use a simple program to do that I Stabilise toolchain and utilities I Wish to use rumprun directly from libxl I Currently not sure if it meets every requirement we have I How to build QEMU stubdomain I Currently done with a hacked-up script I Building should be done with Raisin, don't want to put into Xen tree Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 14 / 19 Thank you! Seattle { August 17-18, 2015 Rump kernel based QEMU stubdomain 15 / 19.