Agenda of the second half

Week        Thursday                                   Friday
Week 6      Dr. Ligang He                              Dr. Ligang He
Weeks 7-8   presentation                               presentation
Week 9      Dr. Kang Jing, University of Cambridge     Dr. Matt Ismail, Centre of Scientific Computing
Week 10     Dr. Ligang He

Computer Science, University of Warwick
Cloud Computing and Virtualization
Dr. Ligang He

What is Cloud? - definition in Wikipedia

Cloud computing involves the provision of dynamically scalable and often virtualized resources as a service over the Internet.
What is Cloud?

- Why the term "Cloud"?
  - Users don't have to possess the resources to
    - run computational tasks
    - host web services
- No upfront investment; the expenditure is amortized
  - Useful for small businesses
- Users don't need much experience in managing the underlying platform
Where does the Cloud evolve from?

- Cloud computing is the further evolution and commercialisation of the following technologies
  - parallel computing
  - distributed computing
  - Grid computing
  - Utility computing
Comparisons between Cloud Computing and Grid Computing

Grid Computing                                   Cloud Computing
Different organisations                          Single organisation
Heterogeneous resources                          Homogeneous resources
Virtual organisation                             Virtualised resources
Focus on scientific computing                    Focus on data processing
No clear boundary between client and server      Client-server model
Free                                             Pay as you use
Standardized                                     No standard yet
Academia                                         Industry
Service categories in Cloud Computing

- IaaS: Infrastructure as a Service
- PaaS: Platform as a Service
- SaaS: Software as a Service
Virtualization technology

- A key technology in Cloud Computing
- Some well-known products
  - Xen, originally developed by Cambridge, now Citrix (for Linux)
  - VMware (for Linux and Windows)
  - Parallels Desktop (for Mac)
- Allows multiple guest operating systems to share a computer
- A running instance of a guest operating system is called a Virtual Machine
- Can host up to a few hundred Virtual Machines
Benefit of virtualization

- Resource consolidation
- VM migration
- Workload balance
- Environment isolation
Xen Architecture (diagram)

  Domain 0                    Guest Domain              Guest Domain
  Xen DM&C, applications      Applications              Applications
  XenoLinux                   XenoLinux                 XenoWindows
  -----------------------------------------------------------------------
                             Xen Hypervisor
  -----------------------------------------------------------------------
                                Hardware
Life cycles of VMs

a) Physical machine
  - Suspended
    - Suspend-to-RAM: standby
    - Suspend-to-disk: hibernation
b) Virtual Machine
  - Paused
    - Still resident, but the VM is not allocated CPU
Xen components

- Hypervisor
  - Sits between the hardware and any operating systems
  - Responsible for CPU scheduling and memory partitioning of VMs
  - Controls the execution of other domains
  - The philosophy of "less is more"
    - Each new version is smaller than the old version
    - Does not reimplement the functions that are already provided by the OS (e.g. network and I/O)
Xen components

- Domain 0
  - A modified Linux kernel
  - Domain Management and Control
  - Contains device drivers to access hardware
    - For example, the Network Driver and the Block Backend Driver to access I/O
  - Interacts with other VMs
Xen components

- Domain U
  - Has no direct access to hardware
  - Shares resources with other domains (resources are virtualized)
  - As of Xen 3.x, requires modified operating systems (Linux, Windows, Solaris, UNIX)
  - From Xen 4, supports unmodified operating systems
Xen vs. OS

To some extent, writing Xen is similar to writing a Linux operating system
- System call vs. hypercall
- Signals vs. events
- Filesystem vs. XenStore
Hypercall

- System call
  - The userspace code does not have the privilege to access hardware, and therefore uses a system call to ask the kernel to do something for it
- Hypercall
  - The kernel does not have the privilege to run certain instructions, and therefore uses a hypercall to request the hypervisor, which runs in ring 0, to perform those instructions
  - Originally, the OS runs in ring 0 and applications run in ring 3; rings 1 and 2 are unused
  - In Xen, the OS kernel is modified to run in ring 1, and therefore cannot run certain instructions
  - The hypervisor runs in ring 0
Event Channel

- Channel and port can be used interchangeably
- Three types of events
  - Physical IRQ
  - Virtual IRQ
  - Interdomain events
    - One domain allocates a new event channel as an unbound channel, and grants permission for the other domain to bind to it
    - The second domain then allocates a new channel and binds it to the remote domain's channel
- Requesting events
  - Create an event channel
  - Bind the channel to an event source (physical or virtual IRQ, or a remote domain's channel)
  - Configure a handler for the event
Interface between hypervisor and domain

- Two mechanisms exist to control interactions between the hypervisor and a domain
  - Hypercall
    - Interface from a domain to the hypervisor
    - Synchronous: the kernel issues a hypercall and then waits until the hypercall is completed and the kernel is woken up
    - Like a system call in a conventional OS
  - Event channel
    - From the hypervisor to a domain
    - Asynchronous: the hypervisor delivers the event and can continue to perform other tasks; the event handler will be invoked to process the event
    - Like signals in a conventional OS
Interface between domains

- Sharing
  - A domain gives permission for other domains to access a memory page
  - Another domain copies the memory page into its address space
  - The original copy is kept
- Transferring
  - Coarse-grained message-passing mechanism
  - A memory page is transferred from one domain to another domain
  - The original copy is not kept
- Paravirtualisation
  - Modifies the operating system
  - The OS is aware that it does not have direct access to the hardware
  - The OS recognises that other VMs are running on the same machine
  - Xen as of version 3.x
- Full virtualisation
  - No need to modify the operating system
  - A domain is not aware of sharing the physical machine with other Domain Us, nor of the existence of other Domain Us
  - VMware
  - Xen since version 4.0
CPU virtualization

- Paravirtualization
  - Scheduling algorithms are used by the hypervisor to share the CPU among VMs
  - Change the privilege level of the OS (Xen on x86)
  - Modify some system calls in the OS into hypercalls (calls to the functionality provided by the hypervisor)
Scheduling algorithms in Hypervisor

- SEDF: Simple Earliest Deadline First
  - Each domain specifies its CPU requirement with a tuple (si, pi, xi), meaning that Domi requests to receive at least si units of time in each period of pi. The boolean flag xi represents whether Domi is eligible to receive extra CPU time.
  - SEDF gives the CPU to the domain that 1) has not yet received its requested share of CPU and 2) has the earliest deadline
Scheduling algorithms in Hypervisor

- Credit
  - Each domain is assigned a weight and a cap
    - A domain with a higher weight will get a larger share of the CPU
    - The cap fixes the maximum amount of CPU a domain will be able to consume. It is expressed as a percentage of one physical CPU: 100 is 1 physical CPU, 50 is half a CPU, 400 is 4 CPUs, etc.
  - Each CPU manages a local run queue of VCPUs, sorted by VCPU priority
    - A VCPU's priority can be UNDER or OVER, representing whether this VCPU has exceeded its fair share of CPU during a period
  - A VCPU is allocated credit: the higher the weight a domain has, the more credits are allocated to its VCPUs
  - When a VCPU is running, its credit is reduced by a certain value every 10ms
  - If its credit is less than 0, the VCPU's priority is set to OVER, otherwise it is UNDER
  - All VCPUs waiting in the run queue have their credits topped up once every 30ms
  - The Credit scheduler can automatically load-balance the VCPUs across physical CPUs
    - When a CPU doesn't find a VCPU of priority UNDER on its local run queue, it will "steal" one from other physical CPUs
    - This guarantees that no CPU idles when there is runnable work in a multi-core system
Memory virtualization

- The MMU (Memory Management Unit) is used to translate virtual memory addresses
- Two-level memory in a traditional operating system
- Three-level memory architecture in a VM system
  - The hypervisor translates guest physical memory addresses to machine memory addresses
I/O virtualization

- Paravirtualization
  - Modify the Guest OS and add a split device driver
    - Device drivers for the console, XenStore, network and file system
    - These drivers are generic and abstract; only one needs to be implemented for each device category
  - When a Guest OS issues an I/O operation, it is passed to Domain 0. Domain 0 performs the I/O and returns the results to the Guest OS

Split device driver (diagram)

Isolating device drivers (diagram)
I/O virtualization

- Full virtualization
  - Solution 1:
    - The hypervisor can directly operate on the hardware devices
    - When a Guest OS issues an I/O operation, the hypervisor intercepts it, performs the actual I/O, and returns the results to the Guest OS
    - Shortcoming: the hypervisor has to be developed to manage all hardware devices
  - Solution 2:
    - Domain 0 emulates the devices
    - Domain U accesses the emulated devices
XenStore

- A storage system shared between Xen guests
- Not used for storing or transferring large amounts of data, but used as
  - a method of transmitting small amounts of information between domains
  - a way of exposing the location of the virtual devices
  - a way of providing info about running domains
- Maintained by Dom0; the hypervisor is not aware of the store
Content of XenStore

- Composed of directories
- Each directory can contain other directories or keys
- Each key has a value
Three top directories

- /tool
  - Used for tools to store info
- /vm
  - The information for each VM
- /local
  - Listing all processes running in the system (like /proc in Linux)
Interacting with XenStore

- From userspace
  - XenStore has a well-defined interface for userspace programs to use
- From kernel
  - The start info page contains the address of the shared memory page used to communicate with the store
  - A guest maps this page into its own address space and then all further communication happens in this page
Before Xen 3.x, only paravirtualization is supported
- Change the OS and add split device drivers: at a minimum the console and XenStore drivers; most also implement the network and block drivers. These drivers are generic and abstract, so only one needs to be implemented for each device category

HVM (Hardware Virtual Machine)
- No need to change the OS
Start info page
- Contains the basic information required by a guest to initialize the kernel

Shared info page
- Gives more data and is updated while the guest is running

XenStore
- Used by the guest to determine which virtual devices are available
System call
- The userspace code does not have the privilege to access hardware, and therefore uses a system call to ask the kernel to do something for it

Hypercall
- The kernel is running in ring 1 and does not have the privilege to run certain instructions; it therefore uses a hypercall to request the hypervisor, which runs in ring 0, to perform those instructions
System call
- Issue an interrupt, or invoke a system call instruction
- Jump to the kernel's interrupt handler
- Process the system call at the kernel's privilege level
- Drop to the lower privilege level and return

As of Xen 3.x, a hypercall uses the same procedure as a system call
- The difference is that interrupt 82h, instead of 80h, is used

Since Xen 4, hypercalls are issued via the hypercall page
- The hypercall page is a memory page mapped into the guest's address space
- Hypercalls are issued by calling an address within that memory page
Writing Xen is similar to writing code for Unix
- System call, hypercall
- Signals, events
- Filesystem, XenStore
- Shared memory, Grant Table
Two ways to transition between kernel space and user space
- System call
  - Synchronous calls originating from user space
- Signals
  - Asynchronous messages from kernel space
  - Always delivered by the kernel, but can be initiated by the process itself (when it encounters an exception), by other processes (using the kill command/system call), or by the kernel
  - When a process receives a signal,
General purpose interprocess communication (IPC)
- Sharing memory

Two interdomain operations
- Sharing
- Transferring
  - Coarse-grained message-passing mechanism
Real machine
- Suspended
  - Suspend-to-RAM: standby
  - Suspend-to-disk: hibernation

Virtual machine
- Paused
  - Still resident, but the VM is not allocated CPU
- Shared pages are identified by an integer, known as a grant reference
- The interface to Xen's shared memory mechanism
  - grant_table_op hypercall
- Two operations can be performed via the grant table
  - Mapping and transferring
  - Both insert physical pages into, or remove them from, the caller's address space
  - The difference is that mapping leaves the page in the original domain while transferring doesn't

Device I/O ring (diagram)
Event channel

- Channel and port can be used interchangeably
- Three types of events
  - Physical IRQ
    - Maps a physical IRQ to an event channel, for various devices
  - Virtual IRQ
  - Interdomain events
    - One domain allocates a new event channel as an unbound channel, and grants permission for the other domain to bind to it
    - The second domain then allocates a new channel and binds it to the remote domain's channel
- Requesting events
  - Bind the channel to an event source (physical or virtual IRQ, or a remote domain's channel)
  - Configure a handler for the event
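The interdomain handshake described on this slide and on the earlier Event Channel slide (allocate unbound, permit one remote domain, bind, deliver asynchronously to a handler), as an added model that is not code from the lecture or Xen's real interface; the port tables, the NDOM/NPORT limits and the function names are assumptions, and the handler is installed at allocate/bind time to stand in for the "configure a handler" step.

```c
#include <stdio.h>
/* Added example, not from the lecture or Xen's ABI: a model of the interdomain
 * event-channel handshake the slides describe. The tables, limits and names
 * are assumptions; the handler is set at allocate/bind time. */
#define NDOM 4
#define NPORT 8
enum state { FREE, UNBOUND, BOUND };
typedef void (*handler_t)(int domid, int port);
struct evtchn { enum state st; int remote_dom, remote_port, pending; handler_t h; };
static struct evtchn chan[NDOM][NPORT];               /* per-domain port table */
static int free_port(int dom) {
    for (int p = 0; p < NPORT; p++) if (chan[dom][p].st == FREE) return p;
    return -1;
}
/* Step 1: dom creates an unbound channel that only `remote` may bind to. */
int evtchn_alloc_unbound(int dom, int remote, handler_t h) {
    int p = free_port(dom);
    if (p >= 0) chan[dom][p] = (struct evtchn){ UNBOUND, remote, -1, 0, h };
    return p;
}
/* Step 2: dom binds a fresh local port to (rdom, rport). Refused unless that port
 * is still unbound and names dom as the permitted remote: a third domain cannot bind. */
int evtchn_bind_interdomain(int dom, int rdom, int rport, handler_t h) {
    if (rdom < 0 || rdom >= NDOM || rport < 0 || rport >= NPORT) return -1;
    struct evtchn *r = &chan[rdom][rport];
    if (r->st != UNBOUND || r->remote_dom != dom) return -1;
    int p = free_port(dom);
    if (p < 0) return -1;
    chan[dom][p] = (struct evtchn){ BOUND, rdom, rport, 0, h };
    r->st = BOUND; r->remote_port = p;                /* both ends are now bound */
    return p;
}
/* Notify: mark the far end pending and run its handler, then return to the
 * sender without waiting (asynchronous, like a signal in a conventional OS). */
int evtchn_send(int dom, int port) {
    if (port < 0 || port >= NPORT || chan[dom][port].st != BOUND) return -1;
    struct evtchn *c = &chan[dom][port], *far = &chan[c->remote_dom][c->remote_port];
    far->pending = 1;
    if (far->h) far->h(c->remote_dom, c->remote_port);
    return 0;
}
int delivered[NDOM];                     /* demo handler: count, then acknowledge */
void count_event(int dom, int port) { delivered[dom]++; chan[dom][port].pending = 0; }
int main(void) {
    int p0 = evtchn_alloc_unbound(0, 1, count_event), p1;     /* dom0, for dom1 only */
    printf("dom2 tries to bind: %d\n", evtchn_bind_interdomain(2, 0, p0, count_event));
    p1 = evtchn_bind_interdomain(1, 0, p0, count_event);
    evtchn_send(1, p1); evtchn_send(0, p0);           /* one event in each direction */
    return printf("delivered: dom0=%d dom1=%d\n", delivered[0], delivered[1]) < 0;
}
```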
XenStore

- A storage system shared between Xen guests
- Maintained by Dom0; the hypervisor is not aware of the store
- Accessed via a shared memory page and an event channel
  - The start info page contains the address of the shared memory page used to communicate with the store. A guest maps this page and then all further communication happens in this page
Content of XenStore

- Composed of directories
- Each directory can contain other directories or keys
- Each key has a value
- Not used for storing or transferring large amounts of data, but used as a method of transmitting small amounts of information between domains
- The location of the virtual devices is exposed via XenStore
- Also provides info about running domains
Three top directories

- /tool
  - Used for tools to store info
- /vm
  - The information for each VM
- /local
  - Listing all processes running in the system (like /proc in Linux)
Interacting with XenStore

- From userspace
  - XenStore has a well-defined interface for userspace programs to use
- From kernel
  - The basic interface to the store consists of two ring buffers
    - A request to update the store, or for information from the store, is put in one ring
      - Written by domU, read by dom0
    - The response is put in the other ring
      - Written by dom0, read by domU
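The two ring buffers described above, as an added model that is not code from the lecture or from Xen; it also serves the Content of XenStore slides, since the keys it answers follow the directory/key/value layout they describe. The 64-byte ring, the NUL-terminated message format, the constructed store entries and the xs_read name are assumptions.

```c
#include <string.h>
/* Added example, not from the lecture or Xen's source: the two XenStore ring
 * buffers in one "shared page". domU appends a request to the request ring and
 * reads the reply from the response ring; dom0 does the reverse. Assumed layout. */
#define RING_SIZE 64                                  /* assumed; power of two */
#define MASK(i) ((i) & (RING_SIZE - 1))
struct ring { char buf[RING_SIZE]; unsigned prod, cons; };
struct shared_page { struct ring req, rsp; };
struct shared_page page;                              /* stands for the mapped page */
/* Producer: refuse rather than overwrite bytes the consumer has not read yet,
 * the check that keeps a misbehaving peer from corrupting the ring. */
static int ring_write(struct ring *r, const char *msg, unsigned len) {
    if (r->prod - r->cons > RING_SIZE || len > RING_SIZE - (r->prod - r->cons)) return 0;
    for (unsigned i = 0; i < len; i++) r->buf[MASK(r->prod + i)] = msg[i];
    r->prod += len;                   /* publish only after the data is in place */
    return 1;
}
/* Consumer: take one NUL-terminated message; 0 if none is complete yet. The
 * indices live in shared memory, so a hostile peer may have corrupted them:
 * never trust prod - cons beyond the ring size. */
static unsigned ring_read(struct ring *r, char *out, unsigned cap) {
    unsigned n = 0;
    if (r->prod - r->cons > RING_SIZE) return 0;
    while (n < r->prod - r->cons && n < cap) {
        out[n] = r->buf[MASK(r->cons + n)];
        if (out[n++] == '\0') { r->cons += n; return n; }
    }
    return 0;                         /* partial message: leave cons untouched */
}
/* dom0's side: answer each request key from a constructed store. */
static const char *store[][2] = {
    { "/local/domain/1/name", "guest1" },
    { "/local/domain/1/device/vbd/768/backend", "/local/domain/0/backend/vbd/1/768" },
};
static void dom0_service(struct shared_page *pg) {
    char key[RING_SIZE];
    while (ring_read(&pg->req, key, sizeof key)) {
        const char *val = "ENOENT";
        for (unsigned i = 0; i < sizeof store / sizeof store[0]; i++)
            if (strcmp(key, store[i][0]) == 0) val = store[i][1];
        ring_write(&pg->rsp, val, (unsigned)strlen(val) + 1);
    }
}
/* domU's side: queue a read request, kick dom0, return the reply (NULL: none). */
const char *xs_read(const char *key) {
    static char reply[RING_SIZE];
    if (!ring_write(&page.req, key, (unsigned)strlen(key) + 1)) return NULL;
    dom0_service(&page);              /* stands in for the event-channel notification */
    return ring_read(&page.rsp, reply, sizeof reply) ? reply : NULL;
}
```

Three reads in a row push the request indices past 64, so the third key wraps around the ring, and a key that cannot fit in an empty ring is refused rather than written over unread bytes.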