article

Xen and the art of virtualization

Authors:
Paul Barham

Microsoft Research, Cambridge, UK

Microsoft Research, Cambridge, UK
View Profile

,
Boris Dragovic

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

,
Keir Fraser

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

,
Steven Hand

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

,
Tim Harris

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

,
Alex Ho

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

,
Rolf Neugebauer

Intel Research, Cambridge, UK

Intel Research, Cambridge, UK
View Profile

,
Ian Pratt

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

,
Andrew Warfield

University of Cambridge, Cambridge, UK

University of Cambridge, Cambridge, UK
View Profile

Authors Info & Claims

ACM SIGOPS Operating Systems Review Volume 37 Issue 5December 2003pp 164–177https://doi.org/10.1145/1165389.945462

Published:19 October 2003Publication History

ACM SIGOPS Operating Systems Review

Abstract

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of performance. Others sacrifice security or functionality for speed. Few offer resource isolation or performance guarantees; most provide only best-effort provisioning, risking denial of service.This paper presents Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion, but without sacrificing either performance or functionality. This is achieved by providing an idealized virtual machine abstraction to which operating systems such as Linux, BSD and Windows XP, can be ported with minimal effort.Our design is targeted at hosting up to 100 virtual machine instances simultaneously on a modern server. The virtualization approach taken by Xen is extremely efficient: we allow operating systems such as Linux and Windows XP to be hosted simultaneously for a negligible performance overhead --- at most a few percent compared with the unvirtualized case. We considerably outperform competing commercial and freely available solutions in a range of microbenchmarks and system-wide tests.

References

A. Awadallah and M. Rosenblum. The vMatrix: A network of virtual machine monitors for dynamic content distribution. In Proceedings of the 7th International Workshop on Web Content Caching and Distribution (WCW 2002), Aug. 2002.Google Scholar
A. Bakre and B. R. Badrinath. I-TCP: indirect TCP for mobile hosts. In Proceedings of the 15th International Conference on Distributed Computing Systems (ICDCS 1995), pages 136--143, June 1995. Google ScholarDigital Library
G. Banga, P. Druschel, and J. C. Mogul. Resource containers: A new facility for resource management in server systems. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI 1999), pages 45--58, Feb. 1999. Google ScholarDigital Library
A. Bavier, T. Voigt, M. Wawrzoniak, L. Peterson, and P. Gunningberg. SILK: Scout paths in the Linux kernel. Technical Report 2002-009, Uppsala University, Department of Information Technology, Feb. 2002.Google Scholar
B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. Fiuczynski, D. Becker, S. Eggers, and C. Chambers. Extensibility, safety and performance in the SPIN operating system. In Proceedings of the 15th ACM SIGOPS Symposium on Operating Systems Principles, volume 29(5) of ACM Operating Systems Review, pages 267--284, Dec. 1995. Google ScholarDigital Library
A. Brown and M. Seltzer. Operating System Benchmarking in the Wake of Lmbench: A Case Study of the Performance of NetBSD on the Intel x86 Architecture. In Proceedings of the 1997 ACM SIGMETRICS Conference on Measurement and Modeling of Computer Systems, June 1997. Google ScholarDigital Library
E. Bugnion, S. Devine, K. Govil, and M. Rosenblum. Disco: Running commodity operating systems on scalable multiprocessors. In Proceedings of the 16th ACM SIGOPS Symposium on Operating Systems Principles, volume 31(5) of ACM Operating Systems Review, pages 143--156, Oct. 1997. Google ScholarDigital Library
Connectix. Product Overview: Connectix Virtual Server, 2003. http://www.connectix.com/products/vs.html.Google Scholar
G. Czajkowski and L. Daynes. Multitasking without compromise: a virtual machine evolution. ACM SIGPLAN Notices, 36(11):125--138, Nov. 2001. Proceedings of the 2001 ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages and Applications (OOPSLA 2001). Google ScholarDigital Library
S. Devine, E. Bugnion, and M. Rosenblum. Virtualization system including a virtual machine monitor for a computer with a segmented architecture. US Patent, 6397242, Oct. 1998.Google Scholar
K. J. Duda and D. R. Cheriton. Borrowed-Virtual-Time (BVT) scheduling: supporting latency-sensitive threads in a general-purpose scheduler. In Proceedings of the 17th ACM SIGOPS Symposium on Operating Systems Principles, volume 33(5) of ACM Operating Systems Review, pages 261--276, Kiawah Island Resort, SC, USA, Dec. 1999. Google ScholarDigital Library
G. W. Dunlap, S. T. King, S. Cinar, M. Basrai, and P. M. Chen. ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 211--224, Boston, MA, USA, Dec. 2002. Google ScholarDigital Library
D. Engler, S. K. Gupta, and F. Kaashoek. AVM: Application-level virtual memory. In Proceedings of the 5th Workshop on Hot Topics in Operating Systems, pages 72--77, May 1995. Google ScholarDigital Library
Ensim. Ensim Virtual Private Servers, 2003. http://www.ensim.com/products/materials/datasheet_vps_051003.pdf.Google Scholar
K. A. Fraser, S. M. Hand, T. L. Harris, I. M. Leslie, and I. A. Pratt. The Xenoserver computing infrastructure. Technical Report UCAM-CL-TR-552, University of Cambridge, Computer Laboratory, Jan. 2003.Google Scholar
T. Garfinkel, M. Rosenblum, and D. Boneh. Flexible OS Support and Applications for Trusted Computing. In Proceedings of the 9th Workshop on Hot Topics in Operating Systems, Kauai, Hawaii, May 2003. Google ScholarDigital Library
J. Gelinas. Virtual Private Servers and Security Contexts, 2003. http://www.solucorp.qc.ca/miscprj/urls_context.hc.Google Scholar
K. Govil, D. Teodosiu, Y. Huang, and M. Rosenblum. Cellular Disco: Resource management using virtual clusters on shared-memory multiprocessors. In Proceedings of the 17th ACM SIGOPS Symposium on Operating Systems Principles, volume 33(5) of ACM Operating Systems Review, pages 154--169, Dec. 1999. Google ScholarDigital Library
P. H. Gum. System/370 extended architecture: facilities for virtual machines. IBM Journal of Research and Development, 27(6):530--544, Nov. 1983.Google ScholarDigital Library
S. Hand. Self-paging in the Nemesis operating system. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI 1999), pages 73--86, Oct. 1999. Google ScholarDigital Library
S. Hand, T. L. Harris, E. Kotsovinos, and I. Pratt. Controlling the XenoServer Open Platform, April 2003.Google Scholar
A. Jeffrey and I. Wakeman. A Survey of Semantic Techniques for Active Networks, Nov. 1997. http://www.cogs.susx. ac.uk/projects/safetynet/.Google Scholar
M. F. Kaashoek, D. R. Engler, G. R. Granger, H. M. Briceno, R. Hunt, D. Mazieres, T. Pinckney, R. Grimm, J. Jannotti, and K. Mackenzie. Application performance and flexibility on Exokernel systems. In Proceedings of the 16th ACM SIGOPS Symposium on Operating Systems Principles, volume 31(5) of ACM Operating Systems Review, pages 52--65, Oct. 1997. Google ScholarDigital Library
R. Kessler and M. Hill. Page placement algorithms for large real-indexed caches. ACM Transaction on Computer Systems, 10(4):338--359, Nov. 1992. Google ScholarDigital Library
S. T. King, G. W. Dunlap, and P. M. Chen. Operating System Support for Virtual Machines. In Proceedings of the 2003 Annual USENIX Technical Conference, Jun 2003. Google ScholarDigital Library
M. Kozuch and M. Satyanarayanan. Internet Suspend/Resume. In Proceedings of the 4th IEEE Workshop on Mobile Computing Systems and Applications, Calicoon, NY, Jun 2002. Google ScholarDigital Library
I. M. Leslie, D. McAuley, R. Black, T. Roscoe, P. Barham, D. Evers, R. Fairbairns, and E. Hyden. The design and implementation of an operating system to support distributed multimedia applications. IEEE Journal on Selected Areas In Communications, 14(7):1280--1297, Sept. 1996. Google ScholarDigital Library
J. MacKie-Mason and H. Varian. Pricing congestible network resources. IEEE Journal on Selected Areas In Communications, 13(7):1141--1149, Sept. 1995. Google ScholarDigital Library
L. McVoy and C. Staelin. lmbench: Portable tools for performance analysis. In Proceedings of the USENIX Annual Technical Conference, pages 279--294, Berkeley, Jan. 1996. Usenix Association. Google ScholarDigital Library
J. Navarro, S. Iyer, P. Druschel, and A. Cox. Practical, transparent operating system support for superpages. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 89--104, Boston, MA, USA, Dec. 2002. Google ScholarDigital Library
G. C. Necula. Proof-carrying code. In Conference Record of POPL~1997: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 106--119, Jan. 1997. Google ScholarDigital Library
S. Oikawa and R. Rajkumar. Portable RK: A portable resource kernel for guaranteed and enforced timing behavior. In Proceedings of the IEEE Real Time Technology and Applications Symposium, pages 111--120, June 1999. Google ScholarDigital Library
L. Peterson, D. Culler, T. Anderson, and T. Roscoe. A blueprint for introducing disruptive technology into the internet. In Proceedings of the 1st Workshop on Hot Topics in Networks (HotNets-I), Princeton, NJ, USA, Oct. 2002.Google Scholar
I. Pratt and K. Fraser. Arsenic: A user-accessible gigabit ethernet interface. In Proceedings of the Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM-01), pages 67--76, Los Alamitos, CA, USA, Apr. 22--26 2001. IEEE Computer Society.Google ScholarCross Ref
D. Reed, I. Pratt, P. Menage, S. Early, and N. Stratford. Xenoservers: accounted execution of untrusted code. In Proceedings of the 7th Workshop on Hot Topics in Operating Systems, 1999. Google ScholarDigital Library
J. S. Robin and C. E. Irvine. Analysis of the Intel Pentium's ability to support a secure virtual machine monitor. In Proceedings of the 9th USENIX Security Symposium, Denver, CO, USA, pages 129--144, Aug. 2000. Google ScholarDigital Library
C. P. Sapuntzakis, R. Chandra, B. Pfaff, J. Chow, M. S. Lam, and M. Rosenblum. Optimizing the Migration of Virtual Computers. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 377--390, Boston, MA, USA, Dec. 2002. Google ScholarDigital Library
L. Seawright and R. MacKinnon. VM/370 -- a study of multiplicity and usefulness. IBM Systems Journal, pages 4--17, 1979.Google ScholarDigital Library
P. Shenoy and H. Vin. Cello: A Disk Scheduling Framework for Next-generation Operating Systems. In Proceedings of ACM SIGMETRICS'98, the International Conference on Measurement and Modeling of Computer Systems, pages 44--55, June 1998. Google ScholarDigital Library
V. Sundaram, A. Chandra, P. Goyal, P. Shenoy, J. Sahni, and H.M.Vin. Application Performance in the QLinux Multimedia Operating System. In Proceedings of the 8th ACM Conference on Multimedia, Nov. 2000. Google ScholarDigital Library
D. Tennenhouse. Layered Multiplexing Considered Harmful. In Rudin and Williamson, editors, Protocols for High-Speed Networks, pages 143--148. North Holland, 1989.Google Scholar
C. A. Waldspurger. Memory resource management in VMware ESX server. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 181--194, Boston, MA, USA, Dec. 2002. Google ScholarDigital Library
A. Whitaker, M. Shaw, and S. D. Gribble. Denali: Lightweight Virtual Machines for Distributed and Networked Applications. Technical Report 02-02-01, University of Washington, 2002.Google Scholar
A. Whitaker, M. Shaw, and S. D. Gribble. Scale and performance in the Denali isolation kernel. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 195--210, Boston, MA, USA, Dec. 2002. Google ScholarDigital Library

Index Terms

Xen and the art of virtualization

Recommendations

Xen and the art of virtualization
SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of ...
Read More
Bringing Virtualization to the x86 Architecture with the Original VMware Workstation

This article describes the historical context, technical challenges, and main implementation techniques used by VMware Workstation to bring virtualization to the x86 architecture in 1999. Although virtual machine monitors (VMMs) had been around for ...
Read More
Securing virtual machine monitors: what is needed?
ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

It is widely believed that the use of a virtual machine monitor (VMM) is at least as secure, if not more secure than separate systems. A recent Information Week survey [6] reports that 55% of responding business technology professionals believe that a ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM SIGOPS Operating Systems Review Volume 37, Issue 5
SOSP '03
December 2003
329 pages
ISSN:0163-5980
DOI:10.1145/1165389
Issue’s Table of Contents
SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles
October 2003
338 pages
ISBN:1581137575
DOI:10.1145/945445
General Chair:
Michael L. Scott
University of Rochester
,
Program Chair:
Larry Peterson
Princeton University
Copyright © 2003 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 19 October 2003
Check for updates
Author Tags
hypervisors
paravirtualization
virtual machine monitors
Qualifiers
- article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 3,480
  Total Citations
  View Citations
- 71,940
  Total Downloads
- Downloads (Last 12 months)1,339
- Downloads (Last 6 weeks)181
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Xen and the art of virtualization

ACM SIGOPS Operating Systems Review

Abstract

References

Cited By

Index Terms

Recommendations

Xen and the art of virtualization

Bringing Virtualization to the x86 Architecture with the Original VMware Workstation

Securing virtual machine monitors: what is needed?