Article

Xen and the art of virtualization

Authors:

Boris Dragovic,

Rolf Neugebauer,

Andrew WarfieldAuthors Info & Claims

SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles

Pages 164 - 177

https://doi.org/10.1145/945445.945462

Published: 19 October 2003 Publication History

Abstract

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of performance. Others sacrifice security or functionality for speed. Few offer resource isolation or performance guarantees; most provide only best-effort provisioning, risking denial of service.This paper presents Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion, but without sacrificing either performance or functionality. This is achieved by providing an idealized virtual machine abstraction to which operating systems such as Linux, BSD and Windows XP, can be ported with minimal effort.Our design is targeted at hosting up to 100 virtual machine instances simultaneously on a modern server. The virtualization approach taken by Xen is extremely efficient: we allow operating systems such as Linux and Windows XP to be hosted simultaneously for a negligible performance overhead --- at most a few percent compared with the unvirtualized case. We considerably outperform competing commercial and freely available solutions in a range of microbenchmarks and system-wide tests.

References

[1]

A. Awadallah and M. Rosenblum. The vMatrix: A network of virtual machine monitors for dynamic content distribution. In Proceedings of the 7th International Workshop on Web Content Caching and Distribution (WCW 2002), Aug. 2002.

[2]

A. Bakre and B. R. Badrinath. I-TCP: indirect TCP for mobile hosts. In Proceedings of the 15th International Conference on Distributed Computing Systems (ICDCS 1995), pages 136--143, June 1995.

Digital Library

[3]

G. Banga, P. Druschel, and J. C. Mogul. Resource containers: A new facility for resource management in server systems. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI 1999), pages 45--58, Feb. 1999.

Digital Library

[4]

A. Bavier, T. Voigt, M. Wawrzoniak, L. Peterson, and P. Gunningberg. SILK: Scout paths in the Linux kernel. Technical Report 2002-009, Uppsala University, Department of Information Technology, Feb. 2002.

[5]

B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. Fiuczynski, D. Becker, S. Eggers, and C. Chambers. Extensibility, safety and performance in the SPIN operating system. In Proceedings of the 15th ACM SIGOPS Symposium on Operating Systems Principles, volume 29(5) of ACM Operating Systems Review, pages 267--284, Dec. 1995.

Digital Library

[6]

A. Brown and M. Seltzer. Operating System Benchmarking in the Wake of Lmbench: A Case Study of the Performance of NetBSD on the Intel x86 Architecture. In Proceedings of the 1997 ACM SIGMETRICS Conference on Measurement and Modeling of Computer Systems, June 1997.

Digital Library

[7]

E. Bugnion, S. Devine, K. Govil, and M. Rosenblum. Disco: Running commodity operating systems on scalable multiprocessors. In Proceedings of the 16th ACM SIGOPS Symposium on Operating Systems Principles, volume 31(5) of ACM Operating Systems Review, pages 143--156, Oct. 1997.

Digital Library

[8]

Connectix. Product Overview: Connectix Virtual Server, 2003. http://www.connectix.com/products/vs.html.

[9]

G. Czajkowski and L. Daynes. Multitasking without compromise: a virtual machine evolution. ACM SIGPLAN Notices, 36(11):125--138, Nov. 2001. Proceedings of the 2001 ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages and Applications (OOPSLA 2001).

Digital Library

[10]

S. Devine, E. Bugnion, and M. Rosenblum. Virtualization system including a virtual machine monitor for a computer with a segmented architecture. US Patent, 6397242, Oct. 1998.

[11]

K. J. Duda and D. R. Cheriton. Borrowed-Virtual-Time (BVT) scheduling: supporting latency-sensitive threads in a general-purpose scheduler. In Proceedings of the 17th ACM SIGOPS Symposium on Operating Systems Principles, volume 33(5) of ACM Operating Systems Review, pages 261--276, Kiawah Island Resort, SC, USA, Dec. 1999.

Digital Library

[12]

G. W. Dunlap, S. T. King, S. Cinar, M. Basrai, and P. M. Chen. ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 211--224, Boston, MA, USA, Dec. 2002.

Digital Library

[13]

D. Engler, S. K. Gupta, and F. Kaashoek. AVM: Application-level virtual memory. In Proceedings of the 5th Workshop on Hot Topics in Operating Systems, pages 72--77, May 1995.

Digital Library

[14]

Ensim. Ensim Virtual Private Servers, 2003. http://www.ensim.com/products/materials/datasheet_vps_051003.pdf.

[15]

K. A. Fraser, S. M. Hand, T. L. Harris, I. M. Leslie, and I. A. Pratt. The Xenoserver computing infrastructure. Technical Report UCAM-CL-TR-552, University of Cambridge, Computer Laboratory, Jan. 2003.

[16]

T. Garfinkel, M. Rosenblum, and D. Boneh. Flexible OS Support and Applications for Trusted Computing. In Proceedings of the 9th Workshop on Hot Topics in Operating Systems, Kauai, Hawaii, May 2003.

Digital Library

[17]

J. Gelinas. Virtual Private Servers and Security Contexts, 2003. http://www.solucorp.qc.ca/miscprj/urls_context.hc.

[18]

K. Govil, D. Teodosiu, Y. Huang, and M. Rosenblum. Cellular Disco: Resource management using virtual clusters on shared-memory multiprocessors. In Proceedings of the 17th ACM SIGOPS Symposium on Operating Systems Principles, volume 33(5) of ACM Operating Systems Review, pages 154--169, Dec. 1999.

Digital Library

[19]

P. H. Gum. System/370 extended architecture: facilities for virtual machines. IBM Journal of Research and Development, 27(6):530--544, Nov. 1983.

Digital Library

[20]

S. Hand. Self-paging in the Nemesis operating system. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI 1999), pages 73--86, Oct. 1999.

Digital Library

[21]

S. Hand, T. L. Harris, E. Kotsovinos, and I. Pratt. Controlling the XenoServer Open Platform, April 2003.

[22]

A. Jeffrey and I. Wakeman. A Survey of Semantic Techniques for Active Networks, Nov. 1997. http://www.cogs.susx. ac.uk/projects/safetynet/.

[23]

M. F. Kaashoek, D. R. Engler, G. R. Granger, H. M. Briceno, R. Hunt, D. Mazieres, T. Pinckney, R. Grimm, J. Jannotti, and K. Mackenzie. Application performance and flexibility on Exokernel systems. In Proceedings of the 16th ACM SIGOPS Symposium on Operating Systems Principles, volume 31(5) of ACM Operating Systems Review, pages 52--65, Oct. 1997.

Digital Library

[24]

R. Kessler and M. Hill. Page placement algorithms for large real-indexed caches. ACM Transaction on Computer Systems, 10(4):338--359, Nov. 1992.

Digital Library

[25]

S. T. King, G. W. Dunlap, and P. M. Chen. Operating System Support for Virtual Machines. In Proceedings of the 2003 Annual USENIX Technical Conference, Jun 2003.

Digital Library

[26]

M. Kozuch and M. Satyanarayanan. Internet Suspend/Resume. In Proceedings of the 4th IEEE Workshop on Mobile Computing Systems and Applications, Calicoon, NY, Jun 2002.

Digital Library

[27]

I. M. Leslie, D. McAuley, R. Black, T. Roscoe, P. Barham, D. Evers, R. Fairbairns, and E. Hyden. The design and implementation of an operating system to support distributed multimedia applications. IEEE Journal on Selected Areas In Communications, 14(7):1280--1297, Sept. 1996.

Digital Library

[28]

J. MacKie-Mason and H. Varian. Pricing congestible network resources. IEEE Journal on Selected Areas In Communications, 13(7):1141--1149, Sept. 1995.

Digital Library

[29]

L. McVoy and C. Staelin. lmbench: Portable tools for performance analysis. In Proceedings of the USENIX Annual Technical Conference, pages 279--294, Berkeley, Jan. 1996. Usenix Association.

Digital Library

[30]

J. Navarro, S. Iyer, P. Druschel, and A. Cox. Practical, transparent operating system support for superpages. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 89--104, Boston, MA, USA, Dec. 2002.

Digital Library

[31]

G. C. Necula. Proof-carrying code. In Conference Record of POPL~1997: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 106--119, Jan. 1997.

Digital Library

[32]

S. Oikawa and R. Rajkumar. Portable RK: A portable resource kernel for guaranteed and enforced timing behavior. In Proceedings of the IEEE Real Time Technology and Applications Symposium, pages 111--120, June 1999.

Digital Library

[33]

L. Peterson, D. Culler, T. Anderson, and T. Roscoe. A blueprint for introducing disruptive technology into the internet. In Proceedings of the 1st Workshop on Hot Topics in Networks (HotNets-I), Princeton, NJ, USA, Oct. 2002.

[34]

I. Pratt and K. Fraser. Arsenic: A user-accessible gigabit ethernet interface. In Proceedings of the Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM-01), pages 67--76, Los Alamitos, CA, USA, Apr. 22--26 2001. IEEE Computer Society.

[35]

D. Reed, I. Pratt, P. Menage, S. Early, and N. Stratford. Xenoservers: accounted execution of untrusted code. In Proceedings of the 7th Workshop on Hot Topics in Operating Systems, 1999.

Digital Library

[36]

J. S. Robin and C. E. Irvine. Analysis of the Intel Pentium's ability to support a secure virtual machine monitor. In Proceedings of the 9th USENIX Security Symposium, Denver, CO, USA, pages 129--144, Aug. 2000.

Digital Library

[37]

C. P. Sapuntzakis, R. Chandra, B. Pfaff, J. Chow, M. S. Lam, and M. Rosenblum. Optimizing the Migration of Virtual Computers. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 377--390, Boston, MA, USA, Dec. 2002.

Digital Library

[38]

L. Seawright and R. MacKinnon. VM/370 -- a study of multiplicity and usefulness. IBM Systems Journal, pages 4--17, 1979.

Digital Library

[39]

P. Shenoy and H. Vin. Cello: A Disk Scheduling Framework for Next-generation Operating Systems. In Proceedings of ACM SIGMETRICS'98, the International Conference on Measurement and Modeling of Computer Systems, pages 44--55, June 1998.

Digital Library

[40]

V. Sundaram, A. Chandra, P. Goyal, P. Shenoy, J. Sahni, and H.M.Vin. Application Performance in the QLinux Multimedia Operating System. In Proceedings of the 8th ACM Conference on Multimedia, Nov. 2000.

Digital Library

[41]

D. Tennenhouse. Layered Multiplexing Considered Harmful. In Rudin and Williamson, editors, Protocols for High-Speed Networks, pages 143--148. North Holland, 1989.

[42]

C. A. Waldspurger. Memory resource management in VMware ESX server. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 181--194, Boston, MA, USA, Dec. 2002.

Digital Library

[43]

A. Whitaker, M. Shaw, and S. D. Gribble. Denali: Lightweight Virtual Machines for Distributed and Networked Applications. Technical Report 02-02-01, University of Washington, 2002.

[44]

A. Whitaker, M. Shaw, and S. D. Gribble. Scale and performance in the Denali isolation kernel. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 195--210, Boston, MA, USA, Dec. 2002.

Digital Library

Cited By

Letemple MGain GMariem SMathy LDonnet B(2024)$v\text{TNT}$: Unikernels for Efficient and Flexible Internet Probing2024 8th Network Traffic Measurement and Analysis Conference (TMA)10.23919/TMA62044.2024.10559079(1-4)Online publication date: 21-May-2024
https://doi.org/10.23919/TMA62044.2024.10559079
Leis VDietrich C(2024)Cloud-Native Database Systems and Unikernels: Reimagining OS Abstractions for Modern HardwareProceedings of the VLDB Endowment10.14778/3659437.365946217:8(2115-2122)Online publication date: 1-Apr-2024
https://dl.acm.org/doi/10.14778/3659437.3659462
Johnson MVolos SGordon KAllen SWintersteiger CClebsch SStarks JCosta M(2024)Confidential Container GroupsQueue10.1145/366429322:2(57-86)Online publication date: 23-May-2024
https://dl.acm.org/doi/10.1145/3664293
Show More Cited By

Index Terms

Xen and the art of virtualization

Recommendations

Xen and the art of virtualization
SOSP '03

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of ...
Bringing Virtualization to the x86 Architecture with the Original VMware Workstation

This article describes the historical context, technical challenges, and main implementation techniques used by VMware Workstation to bring virtualization to the x86 architecture in 1999. Although virtual machine monitors (VMMs) had been around for ...
Securing virtual machine monitors: what is needed?
ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

It is widely believed that the use of a virtual machine monitor (VMM) is at least as secure, if not more secure than separate systems. A recent Information Week survey [6] reports that 55% of responding business technology professionals believe that a ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles

October 2003

338 pages

ISBN:1581137575

DOI:10.1145/945445

General Chair:
Michael L. Scott
University of Rochester
,
Program Chair:
Larry Peterson
Princeton University

ACM SIGOPS Operating Systems Review Volume 37, Issue 5
SOSP '03
December 2003
329 pages
ISSN:0163-5980
DOI:10.1145/1165389
Issue’s Table of Contents

Copyright © 2003 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 October 2003

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SOSP03

Sponsor:

SOSP03: ACM Symposium on Operating Systems Principles

October 19 - 22, 2003

NY, Bolton Landing, USA

Acceptance Rates

SOSP '03 Paper Acceptance Rate 22 of 128 submissions, 17%;

Overall Acceptance Rate 131 of 716 submissions, 18%

Upcoming Conference

SOSP '24

Sponsor:
sigops

ACM SIGOPS 30th Symposium on Operating Systems Principles

November 5 - 8, 2024

Austin , TX , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3,499
Total Citations
View Citations
72,145
Total Downloads

Downloads (Last 12 months)1,240
Downloads (Last 6 weeks)35

Reflects downloads up to 09 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Letemple MGain GMariem SMathy LDonnet B(2024)$v\text{TNT}$: Unikernels for Efficient and Flexible Internet Probing2024 8th Network Traffic Measurement and Analysis Conference (TMA)10.23919/TMA62044.2024.10559079(1-4)Online publication date: 21-May-2024
https://doi.org/10.23919/TMA62044.2024.10559079
Leis VDietrich C(2024)Cloud-Native Database Systems and Unikernels: Reimagining OS Abstractions for Modern HardwareProceedings of the VLDB Endowment10.14778/3659437.365946217:8(2115-2122)Online publication date: 1-Apr-2024
https://dl.acm.org/doi/10.14778/3659437.3659462
Johnson MVolos SGordon KAllen SWintersteiger CClebsch SStarks JCosta M(2024)Confidential Container GroupsQueue10.1145/366429322:2(57-86)Online publication date: 23-May-2024
https://dl.acm.org/doi/10.1145/3664293
Min JZhao CLiu MKrishnamurthy A(2024)eZNS: Elastic Zoned Namespace for Enhanced Performance Isolation and Device UtilizationACM Transactions on Storage10.1145/365371620:3(1-41)Online publication date: 12-Apr-2024
https://dl.acm.org/doi/10.1145/3653716
Cosseron LRilling LSimonin MQuinson M(2024)Simulating the Network Environment of Sandboxes to Hide Virtual Machine Introspection PausesProceedings of the 17th European Workshop on Systems Security10.1145/3642974.3652280(1-7)Online publication date: 22-Apr-2024
https://dl.acm.org/doi/10.1145/3642974.3652280
Borysei BSaroiu Sde Lara EXu CDavies N(2024)Poster: Towards Multi-Stakeholder CloudsProceedings of the 25th International Workshop on Mobile Computing Systems and Applications10.1145/3638550.3643626(146-146)Online publication date: 28-Feb-2024
https://dl.acm.org/doi/10.1145/3638550.3643626
Borysei BSaroiu Sde Lara EXu CDavies N(2024)Towards Multi-Stakeholder CloudsProceedings of the 25th International Workshop on Mobile Computing Systems and Applications10.1145/3638550.3641135(47-52)Online publication date: 28-Feb-2024
https://dl.acm.org/doi/10.1145/3638550.3641135
Asanuma KYamada H(2024)DBMS-Assisted Live Migration of Virtual MachinesIEEE Transactions on Computers10.1109/TC.2023.332994373:2(380-393)Online publication date: Feb-2024
https://doi.org/10.1109/TC.2023.3329943
Hill LRotsos CEdwards CHutchison D(2024)Katoptron: Efficient State Mirroring for Middlebox ResilienceNOMS 2024-2024 IEEE Network Operations and Management Symposium10.1109/NOMS59830.2024.10575815(1-9)Online publication date: 6-May-2024
https://doi.org/10.1109/NOMS59830.2024.10575815
Dangl TSentanoe SReiser H(2024)Active and passive virtual machine introspection on AMD and ARM processorsJournal of Systems Architecture: the EUROMICRO Journal10.1016/j.sysarc.2024.103101149:COnline publication date: 1-Apr-2024
https://dl.acm.org/doi/10.1016/j.sysarc.2024.103101
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents