User: Password:
|
|
Subscribe / Log in / New account

An Introduction to Full Virtualization With Xen (Linux.com)

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 23, 2012 21:01 UTC (Tue) by cyanit (guest, #86671)
Parent article: An Introduction to Full Virtualization With Xen (Linux.com)

Do people still use Xen?

Why haven't they all switched to KVM already?


(Log in to post comments)

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 23, 2012 21:22 UTC (Tue) by lutchann (✭ supporter ✭, #8872) [Link]

I get the impression that if you want "enterprise" features such as data-center-wide management and support contracts, there is a much bigger ISV ecosystem around Xen. I don't really know though--I abandoned Xen for KVM years ago.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 23, 2012 21:28 UTC (Tue) by sytoka (subscriber, #38525) [Link]

Why switch to KVM ?

Xen is in the Linux mainstream now. It's very easy to change from Xen to KVM or LXC... So why change a good solution ?

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 23, 2012 22:52 UTC (Tue) by cesarb (subscriber, #6266) [Link]

> Why haven't they all switched to KVM already?

AFAIK, KVM needs HVM.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 4:53 UTC (Wed) by stefanha (subscriber, #55072) [Link]

>> Why haven't they all switched to KVM already?
> AFAIK, KVM needs HVM.

No, KVM has always done HVM. HVM means using the hardware virtualization extensions (Intel VMX or AMD SVM). This allows unmodified guest operating systems to run.

Speaking of KVM, there is a project called Xenner to run Xen PV guests on KVM. More info here:

http://kraxel.fedorapeople.org/xenner/

[Disclaimer: I work on KVM]

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 7:35 UTC (Wed) by drago01 (subscriber, #50715) [Link]

> No, KVM has always done HVM. HVM means using the hardware virtualization extensions (Intel VMX or AMD SVM). This allows unmodified guest operating systems to run.

Your answer does not make sense, what he said is that KVM needs (as in requires) hardware virtulaization extensions to work, while Xen does not (for paravirualizied guests).

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 12:32 UTC (Wed) by cesarb (subscriber, #6266) [Link]

> what he said is that KVM needs (as in requires) hardware virtulaization extensions to work, while Xen does not

Yes, that is what I meant. I did not notice that "needs" could be read in an alternate way (as in "should have" or "is missing"); sorry for the confusion.

The problem is that not all systems are able to do hardware virtualization. You have older machines which are from before the virtualization extensions, newer machines where for some reason the virtualization extensions are disabled by the BIOS, and Intel processors where the same model might or might not have virtualization extensions (unless you know to look at http://ark.intel.com/ before buying).

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 14:38 UTC (Wed) by raven667 (subscriber, #5198) [Link]

At least from a server environment I don't think it's a good idea to run machines which are too old to have working VT instructions. It's cheaper for power/cooling to buy new, faster, more efficient machines and consolidate workloads than to keep running a larger number of slower, older, power-hungry hosts.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 15:08 UTC (Wed) by gnb (subscriber, #5132) [Link]

Agreed for servers people sometimes need to run a VM on their desktop/laptop and there is surprisingly recent and otherwise OK hardware that lacks VT-x.

http://ark.intel.com/products/69669/Intel-Pentium-Process...

is a plausible laptop/low-end desktop CPU, 64-bit, came out this year, no VT-x.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 16:38 UTC (Wed) by drag (subscriber, #31333) [Link]

Friends don't let friends buy Intel if they care about virtualization on low-medium range machines.

Intel intentionally disables features to create market segmentation. AMD does not do this and as such AMD is a superior processor for Linux desktop users that don't want to spend lots of money.

The idea of having the possibility of using Xen-style paravirtualized systems is lovely, but in practice it leaves a lot to be desired.

Two of the biggest reasons for using virtualization are to deal with legacy software that requires a specific configuration and being able to run Windows systems on Linux. Both of those things don't exist for Xen without VT hardware support.

AND if you can take advantage of using Xen PV without changing kernels or anything like that then you will almost always get better performance if you use something like LXC.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 26, 2012 21:47 UTC (Fri) by jond (subscriber, #37669) [Link]

A gaggle of J. Random Developers with laptops that lack VT is not what is sustaining Xen. It must be something else.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 26, 2012 22:16 UTC (Fri) by dlang (subscriber, #313) [Link]

I believe it's primarily Enterprise Inertia

at one time Xen was "the way to do virtualization" on Linux, and enterprises that setup their networks at that time aren't willing to change.

Actually, I strongly suspect that most of those organizations are still running the OS versions that they installed on the systems, but because of the 'installed base', having Xen updates in new versions is 'important', even for those companies that aren't running the new versions (after all, they may want to, and it shows that they made the right decisions way back when)

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 26, 2012 21:46 UTC (Fri) by jond (subscriber, #37669) [Link]

I find it hard to believe that any of those reasons you cite are genuine reasons that people would run production stuff on Xen. I'm sure such reasons exist, I just don't know them.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 27, 2012 1:25 UTC (Sat) by ixs (subscriber, #47170) [Link]

Xen offers considerably lower latencies for both disk IO as well as network IO.
Even with PV drivers kvm is not even playing in the same league whenever we test this.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 23, 2012 23:55 UTC (Tue) by Lennie (guest, #49641) [Link]

Xen has certain features KVM does not, I'm not well versed in these things. But I think this is at least one:

http://wiki.xen.org/wiki/Remus like VMWare which allows state of a VM to be replicated over a highspeed link to an other machine for failover.

And I keep reading Xen is faster than KVM, but I haven't tested that in my environment yet.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 8:44 UTC (Wed) by robert_s (subscriber, #42402) [Link]

"And I keep reading Xen is faster than KVM, but I haven't tested that in my environment yet."

From what I've seen, Xen is faster than KVM about half the time, and vice versa the other half.

And it's hard to predict which will be faster for a particular workload.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 9:59 UTC (Wed) by Lennie (guest, #49641) [Link]

I know Phoronix might not be all that populair with the development community, but their results showed something like that too.

Judging by some of the other things I've seen online, KVM has gotten better and Xen and KVM seem to be getting closer in performance and I think I've even seen them supporting paravirtualisation APIs from each other.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 13:20 UTC (Wed) by cas (subscriber, #52554) [Link]

Remus sounds useful.

For KVM, there's plain old migration.

It's not the same as VM mirroring, but if you don't have the hardware (or the need) for completely transparent VM failover, you can do something similar with virsh save and virsh restore of a currently running VM.

The VM is paused for as long as it takes to save, transfer to another machine, and restore the VM's state.

Works well enough with shared storage (like NFS), and (i haven't tried this) might even work if you save to stdout, pipe over ssh, and then restore from stdin.

Otherwise if the VM or the server it's running on has died, DRBD or iscsi volumes or even qcow2 on NFS can be used to boot a VM on another server.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 13:50 UTC (Wed) by Lennie (guest, #49641) [Link]

Most people don't need something like Remus.

If you want some form of failover it is usually better to have 2 VM's in proper failover configuration. In a way that fits the software involved.

But the question was why Xen, so I thought I'd mention it. :-)

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 15:45 UTC (Wed) by Lennie (guest, #49641) [Link]

Maybe I should add that Remus does not work well over a WAN-link (you need lowlatency). So you probably can't use it for failover to a different datacenter either.

Amazon and Xen

Posted Oct 24, 2012 8:17 UTC (Wed) by man_ls (guest, #15091) [Link]

What is wrong with Xen? Amazon uses Xen, most people use Amazon, therefore most people use Xen.

Amazon and Xen

Posted Oct 24, 2012 15:20 UTC (Wed) by aliguori (subscriber, #30636) [Link]

Honestly? Nothing's wrong with Xen. Most of the interesting things are done in hardware these days anyway so there isn't a huge difference between any hypervisor out there.

But what most people don't understand about Xen is that it's not "part of Linux". The bits that were merged into the kernel in recent years are guest-enablement features only. It's a full blown Operating System that has no relationship to Linux at all. It's a microkernel design based on an old research project (search for Nemesis Micorkernel if you're interested). Linux only runs as a guest under Xen.

Xen has its own scheduler, own MMU, own set of device drivers. By constrast, there is no such thing as the "KVM scheduler". KVM is just a small layer that adds virtualization support to Linux. *Linux is the hypervisor*.

I prefer KVM over Xen for the virtualization for the same reason I prefer Linux over FreeBSD for running Apache, or Linux over <insert custom OS> for whatever workload you can think of.

History has shown that collaborating on a general purpose OS wins time and time again over special purpose boutique OSes. That's why many of our cell phones and DVD players run Linux along with most of the Top 500 supercomputers.

You can always make the argument "but you can build a better scheduler for XYZ workloads". It's a short sighted world view that almost always loses over time.

Amazon and Xen

Posted Oct 24, 2012 23:14 UTC (Wed) by LarsKurth (guest, #87439) [Link]

I wanted to dive deeper into the point that Xen is not part of Linux. Although it is true that the Hypervisor is not part of the Linux Kernel, all the enablers that enable guests (DomU) and Xen hosts (Dom0) are in the Kernel. The Hypervisor itself doesn't need to be part of the kernel. As long as Xen is delivered via a a distro's package manager, I don't need to care whether Linux is the Hypervisor, or whether it is not. At the end of the day, Xen and KVM make different design decisions, leading to different trade-offs and thus one or the other setup will be better for different workloads.

The Xen Hypervisor delegates a lot of functionality to the Dom0 kernel (typically Linux, but can also be NetBSD). And although there are Xen specific drivers for the PV interface in the kernel, these are essentially just shims that call the device drivers in the Dom0 kernel and are part of the PV interface.

Amazon and Xen

Posted Oct 26, 2012 11:06 UTC (Fri) by dunlapg (subscriber, #57764) [Link]

Xen is a part of Linux just as much as qemu-kvm is a part of Linux. A lot of interesting stuff is done in the kernel, but a whole lot more of the interesting stuff is done in qemu. Similarly, a lot of interesting stuff is done in the Xen hypervisor, but a lot of other interesting stuff is done in Linux itself -- the frontend/backend ring protocols, and so on.

Both Xen and qemu-kvm have interesting parts in Linux and interesting parts outside. So if KVM is Linux, then Xen is Linux; if Xen is not Linux, then KVM (at least qemu-kvm) is not Linux.

Amazon and Xen

Posted Oct 27, 2012 12:39 UTC (Sat) by pbonzini (subscriber, #60935) [Link]

qemu-kvm just has some threads that represent virtual CPUs. These threads and their resources are managed by the Linux scheduler, the Linux virtual memory manager, the Linux power manager, etc. You can use the regular tools such as cgroups to tune VMs, to distribute

On Xen you have two levels of scheduling and two levels of memory management. Xen distributes CPU shares to all domains (including dom0), and dom0 distributes CPU shares among its processes. Xen assigns memory to all domains (including dom0), and dom0 distributes memory among its processes. It's much harder to use a Xen dom0 for non-VM-related tasks, because you can only partly control the resources that dom0 receives.

For power management, Xen has to ask dom0 to process ACPI tables and basically summarize them to the hypervisor. It's even more complicated when it comes to paging, because Xen doesn't do paging on its own---it asks dom0 to page stuff in and out.

Sure, the Xen architecture seems simpler (because you "just" have to handle VCPUs, not arbitrary tasks, and because you "just" have to share memory among a few dozen domains rather than thousands of arbitrary tasks). And to some extent it is, because inventing a new scheduler or memory manager trick is much easier on Xen than on Linux. But in the end I think KVM's performance and simplicity proves that it is not worthwhile, also because every improvement done to favor KVM (think of Andrea Arcangeli's transparent huge pages and AutoNUMA) will benefit every workload, and will effectively have double benefit if you can use it to speed up both the host and the guest.

Amazon and Xen

Posted Oct 27, 2012 12:40 UTC (Sat) by pbonzini (subscriber, #60935) [Link]

Uh, I realized now to whom I was answering... hi George. :)

You knew already what I wrote, which makes me so much more eager to read what you think about it...

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 14:47 UTC (Wed) by ibukanov (subscriber, #3942) [Link]

In addition to already mentioned reasons to use XEN, it also takes advantage of IOMMU hardware and can run, for example, a guest OS against the real networking hardware. Besides performance improvements it allows to isolate a bug in a network driver or even in TCP implementation from the rest of the system.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 15:11 UTC (Wed) by aliguori (subscriber, #30636) [Link]

KVM also has IOMMU support FWIW.

In fact, it was recently completely rewritten as a generalized Linux feature (VFIO) that could also be used to write userspace device drivers protected by an IOMMU.

There was even an LWN article: http://lwn.net/Articles/474088/

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 24, 2012 19:13 UTC (Wed) by pbonzini (subscriber, #60935) [Link]

As far as I know, the only features that KVM lack over Xen are fault-tolerance (though there are QEMU patches that implement it) and driver domains.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 0:28 UTC (Thu) by nix (subscriber, #2304) [Link]

And -- if you consider the full QEMU/KVM/guest-driver stack -- 3D rendering support.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 28, 2012 16:16 UTC (Sun) by nix (subscriber, #2304) [Link]

Oh, and does it have properly working USB support yet? Last time I tried, it couldn't do USB 2.0, but I haven't needed to use a USB device with one of my VMs in years.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 28, 2012 22:11 UTC (Sun) by pbonzini (subscriber, #60935) [Link]

It can do USB 2.0 (with companion USB 1.1 controllers) and USB 3.0 too.

Anyhow, qemu is shared between Xen and KVM, so that part of the feature set is shared (especially since both Xen and KVM can now use upstream qemu rather than their own forks).

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 1:41 UTC (Thu) by Tobu (subscriber, #24111) [Link]

Xen is pretty powerful and flexible. But Mirage is the coolest thing: a framework for building applications in a safe language that, once compiled, will run on the bare metal with no OS involved.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 10:55 UTC (Thu) by rwmj (subscriber, #5474) [Link]

I love what Anil is doing with Mirage, but it's not true that this is an argument for Xen over KVM.

In the KVM world, you can already write a virtual machine that is entirely self-contained and requires no operating system. It's called .. erm .. a *process*, and Linux has had them for rather a long time.

KVM virtual machines are just regular processes, and you can run ordinary processes alongside them.

In a realworld case, say that your virtualized Apache server isn't getting the performance you need running under KVM. Well, just run an Apache server on the host instead.

Rich.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 12:08 UTC (Thu) by Tobu (subscriber, #24111) [Link]

You mean a process with a kernel, a scheduler, a page allocator, etc, underneath? That's not the same level of safety and implementation control at all.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 13:00 UTC (Thu) by rwmj (subscriber, #5474) [Link]

No, I mean what I said: a process.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 13:37 UTC (Thu) by Tobu (subscriber, #24111) [Link]

You did, but Apache doesn't illustrate very well. It targets POSIX, and just about every operation it does (network, memory, storage) goes through the syscall boundary. It also has multiple processes, which implies another large chunk of ipc, scheduling, and resource management is done outside of it. These abstractions are rigid boundaries that it cannot cross.

An Introduction to Full Virtualization With Xen (Linux.com)

Posted Oct 25, 2012 14:00 UTC (Thu) by rwmj (subscriber, #5474) [Link]

OK, but you can use mmap, O_DIRECT etc with a Linux kernel.

If you mean that it's better to program directly against the Xen hypervisor or some other exokernel, instead of using Linux at all, then Mirage is certainly an argument for doing that. (Also loving it myself because it's written largely in OCaml ...)

But the at some point I just know that my program is going to want to write to a file or ask the user a question, and then having Linux around and improving its support for low-level ops starts to look like a better long term option.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds