高级操作系统高级操作系统 (18).pdf

第 4 讲：Optimization of Virtual Machine Monitor第二节：My VM is Lighter(and Safer)than your ContainerProblems of VMMVMM is SLOWER than Container.Problems of VMM.Contributions of lightvmContributionsAn analysis of the performance bottlenecks prevent-ing traditional virtualization systems from achievingcontainer-like dynamicsAn overhaul of Xens architecture,completelyremov-ing its back-end registryA revamp of Xens toolstackThe development of Tinyx,an automated system forbuilding minimalistic Linux-based VMsA prototypical implementation along with an exten-sive performance evaluation.Overview of XENThe Xen architecture including toolstack,theXenStore,software switch and split driversbetween the driver domain(Dom0)and theguests(DomUs).Some observations on XENThe Xen architectureincluding toolstack,theXenStore,software switchand split drivers betweenthe driver domain(Dom0)and the guests(DomUs).The size of the guest virtual machines.LIGHTWEIGHT VMsUnikernels:linking existing applications that rely on theLinux syscall API to Mini-OS is fairly cumbersome andrequires a lot of expert time.Tinyx:is an automated build system that creates minimalisticLinux VM images targeted at running a single application.LIGHTWEIGHT VMsTinyx:Inputs:an application to build the image for and the platformthe image will be running on.Includes:the application,its dependencies,and BusyBoxMethods:objdump for libs,pkg manager for packages,tinyconfig for Linux kernel.Results:Tinyx create kernel images that are half the size oftypical Debian kernels and minimal runtime memory usage(1.6MB for Tinyx vs.8MB for the Debian).Some observations on XENThe Debian VM is 1.1GB;it takesXen around 500ms to create theVM,and it takes the VM 1.5seconds to boot.The Tinyx VM(9.5MB)is createdin 360ms and 180ms to boot.Theunikernel(480KB)is created in80ms,and 3ms to boot.Creating VMs,the creation timeincreases noticeably(note thelogarithmic scale):it takes 42s,10s and 700ms to create thethousandth Debian,Tinyx,andunikernel guest,sequentially start 1000 virtual machines.Some observations on XENVM creation overheadsParsing the configuration filethat describes the VMInteracting with the hypervisorfor memoryReading/Writing information inXenStoreCreating and configuration thevirtual devicesParsing&loading the kernelimageOther work on toolstackBreakdown of the VM creation overheads.LightVMXENLightVM with Noxs and the Chaos Toolstack.LightVM noxsfundamental problem with the XenStore isits centralized,filesystem-like APInoxs relies on shared pages mapped in theguests address spacecreate a new,special device memory pagefor each new VM that we use to keep trackof a VMs information about any devices.LightVM noxstoolstack requests the creation of devicesfrom the back-endtoolstack calls the new hypercall foradding these details to the device pageNew VM maps the device page into itsaddress spacefront-end inits comm.with back-endfinally front-end and back-end can notifyeach other.LightVM split toolstackToolstack split betweenfunctionality belonging to theprepare phase,carried outperiodically by the chaosdaemon,offload this functionality to thechaos daemon,which generates anumber of VM shells and placesthem in a pool.and an execute phase,directlycalled by chaos when a commandis issued.LightVM PerformanceLightVMLightVM with Noxs and the Chaos Toolstack.LightVM PerformanceLightVM boot times on a 64-core machineversus Docker containers.Boot times for unikernel and Tinyx guestsversus Docker containers.LightVM PerformanceScalability of VM memory usage for differentVMs,for containers and for processes.CPU usage for a unikernel,Tinyx,a Debian VMand Docker.LightVM SummaryLightVMA complete redesign of Xens toolstack optimized for performance.Can boot a minimalistic VM in as little as 2.3ms,comparable to the fork/execimplementation in Linux(1ms).Has almost constant creation and boot times regardless of the number of running VMs.Achieve both good isolation and performance on par or better than containers.