article

Xen and the art of virtualization

Authors:

Boris Dragovic,

Rolf Neugebauer,

Andrew WarfieldAuthors Info & Claims

ACM SIGOPS Operating Systems Review, Volume 37, Issue 5

Pages 164 - 177

https://doi.org/10.1145/1165389.945462

Published: 19 October 2003 Publication History

Abstract

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of performance. Others sacrifice security or functionality for speed. Few offer resource isolation or performance guarantees; most provide only best-effort provisioning, risking denial of service.This paper presents Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion, but without sacrificing either performance or functionality. This is achieved by providing an idealized virtual machine abstraction to which operating systems such as Linux, BSD and Windows XP, can be ported with minimal effort.Our design is targeted at hosting up to 100 virtual machine instances simultaneously on a modern server. The virtualization approach taken by Xen is extremely efficient: we allow operating systems such as Linux and Windows XP to be hosted simultaneously for a negligible performance overhead --- at most a few percent compared with the unvirtualized case. We considerably outperform competing commercial and freely available solutions in a range of microbenchmarks and system-wide tests.

References

[1]

A. Awadallah and M. Rosenblum. The vMatrix: A network of virtual machine monitors for dynamic content distribution. In Proceedings of the 7th International Workshop on Web Content Caching and Distribution (WCW 2002), Aug. 2002.

[2]

A. Bakre and B. R. Badrinath. I-TCP: indirect TCP for mobile hosts. In Proceedings of the 15th International Conference on Distributed Computing Systems (ICDCS 1995), pages 136--143, June 1995.

Digital Library

[3]

G. Banga, P. Druschel, and J. C. Mogul. Resource containers: A new facility for resource management in server systems. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI 1999), pages 45--58, Feb. 1999.

Digital Library

[4]

A. Bavier, T. Voigt, M. Wawrzoniak, L. Peterson, and P. Gunningberg. SILK: Scout paths in the Linux kernel. Technical Report 2002-009, Uppsala University, Department of Information Technology, Feb. 2002.

[5]

B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. Fiuczynski, D. Becker, S. Eggers, and C. Chambers. Extensibility, safety and performance in the SPIN operating system. In Proceedings of the 15th ACM SIGOPS Symposium on Operating Systems Principles, volume 29(5) of ACM Operating Systems Review, pages 267--284, Dec. 1995.

Digital Library

[6]

A. Brown and M. Seltzer. Operating System Benchmarking in the Wake of Lmbench: A Case Study of the Performance of NetBSD on the Intel x86 Architecture. In Proceedings of the 1997 ACM SIGMETRICS Conference on Measurement and Modeling of Computer Systems, June 1997.

Digital Library

[7]

E. Bugnion, S. Devine, K. Govil, and M. Rosenblum. Disco: Running commodity operating systems on scalable multiprocessors. In Proceedings of the 16th ACM SIGOPS Symposium on Operating Systems Principles, volume 31(5) of ACM Operating Systems Review, pages 143--156, Oct. 1997.

Digital Library

[8]

Connectix. Product Overview: Connectix Virtual Server, 2003. http://www.connectix.com/products/vs.html.

[9]

G. Czajkowski and L. Daynes. Multitasking without compromise: a virtual machine evolution. ACM SIGPLAN Notices, 36(11):125--138, Nov. 2001. Proceedings of the 2001 ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages and Applications (OOPSLA 2001).

Digital Library

[10]

S. Devine, E. Bugnion, and M. Rosenblum. Virtualization system including a virtual machine monitor for a computer with a segmented architecture. US Patent, 6397242, Oct. 1998.

[11]

K. J. Duda and D. R. Cheriton. Borrowed-Virtual-Time (BVT) scheduling: supporting latency-sensitive threads in a general-purpose scheduler. In Proceedings of the 17th ACM SIGOPS Symposium on Operating Systems Principles, volume 33(5) of ACM Operating Systems Review, pages 261--276, Kiawah Island Resort, SC, USA, Dec. 1999.

Digital Library

[12]

G. W. Dunlap, S. T. King, S. Cinar, M. Basrai, and P. M. Chen. ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 211--224, Boston, MA, USA, Dec. 2002.

Digital Library

[13]

D. Engler, S. K. Gupta, and F. Kaashoek. AVM: Application-level virtual memory. In Proceedings of the 5th Workshop on Hot Topics in Operating Systems, pages 72--77, May 1995.

Digital Library

[14]

Ensim. Ensim Virtual Private Servers, 2003. http://www.ensim.com/products/materials/datasheet_vps_051003.pdf.

[15]

K. A. Fraser, S. M. Hand, T. L. Harris, I. M. Leslie, and I. A. Pratt. The Xenoserver computing infrastructure. Technical Report UCAM-CL-TR-552, University of Cambridge, Computer Laboratory, Jan. 2003.

[16]

T. Garfinkel, M. Rosenblum, and D. Boneh. Flexible OS Support and Applications for Trusted Computing. In Proceedings of the 9th Workshop on Hot Topics in Operating Systems, Kauai, Hawaii, May 2003.

Digital Library

[17]

J. Gelinas. Virtual Private Servers and Security Contexts, 2003. http://www.solucorp.qc.ca/miscprj/urls_context.hc.

[18]

K. Govil, D. Teodosiu, Y. Huang, and M. Rosenblum. Cellular Disco: Resource management using virtual clusters on shared-memory multiprocessors. In Proceedings of the 17th ACM SIGOPS Symposium on Operating Systems Principles, volume 33(5) of ACM Operating Systems Review, pages 154--169, Dec. 1999.

Digital Library

[19]

P. H. Gum. System/370 extended architecture: facilities for virtual machines. IBM Journal of Research and Development, 27(6):530--544, Nov. 1983.

Digital Library

[20]

S. Hand. Self-paging in the Nemesis operating system. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI 1999), pages 73--86, Oct. 1999.

Digital Library

[21]

S. Hand, T. L. Harris, E. Kotsovinos, and I. Pratt. Controlling the XenoServer Open Platform, April 2003.

[22]

A. Jeffrey and I. Wakeman. A Survey of Semantic Techniques for Active Networks, Nov. 1997. http://www.cogs.susx. ac.uk/projects/safetynet/.

[23]

M. F. Kaashoek, D. R. Engler, G. R. Granger, H. M. Briceno, R. Hunt, D. Mazieres, T. Pinckney, R. Grimm, J. Jannotti, and K. Mackenzie. Application performance and flexibility on Exokernel systems. In Proceedings of the 16th ACM SIGOPS Symposium on Operating Systems Principles, volume 31(5) of ACM Operating Systems Review, pages 52--65, Oct. 1997.

Digital Library

[24]

R. Kessler and M. Hill. Page placement algorithms for large real-indexed caches. ACM Transaction on Computer Systems, 10(4):338--359, Nov. 1992.

Digital Library

[25]

S. T. King, G. W. Dunlap, and P. M. Chen. Operating System Support for Virtual Machines. In Proceedings of the 2003 Annual USENIX Technical Conference, Jun 2003.

Digital Library

[26]

M. Kozuch and M. Satyanarayanan. Internet Suspend/Resume. In Proceedings of the 4th IEEE Workshop on Mobile Computing Systems and Applications, Calicoon, NY, Jun 2002.

Digital Library

[27]

I. M. Leslie, D. McAuley, R. Black, T. Roscoe, P. Barham, D. Evers, R. Fairbairns, and E. Hyden. The design and implementation of an operating system to support distributed multimedia applications. IEEE Journal on Selected Areas In Communications, 14(7):1280--1297, Sept. 1996.

Digital Library

[28]

J. MacKie-Mason and H. Varian. Pricing congestible network resources. IEEE Journal on Selected Areas In Communications, 13(7):1141--1149, Sept. 1995.

Digital Library

[29]

L. McVoy and C. Staelin. lmbench: Portable tools for performance analysis. In Proceedings of the USENIX Annual Technical Conference, pages 279--294, Berkeley, Jan. 1996. Usenix Association.

Digital Library

[30]

J. Navarro, S. Iyer, P. Druschel, and A. Cox. Practical, transparent operating system support for superpages. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 89--104, Boston, MA, USA, Dec. 2002.

Digital Library

[31]

G. C. Necula. Proof-carrying code. In Conference Record of POPL~1997: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 106--119, Jan. 1997.

Digital Library

[32]

S. Oikawa and R. Rajkumar. Portable RK: A portable resource kernel for guaranteed and enforced timing behavior. In Proceedings of the IEEE Real Time Technology and Applications Symposium, pages 111--120, June 1999.

Digital Library

[33]

L. Peterson, D. Culler, T. Anderson, and T. Roscoe. A blueprint for introducing disruptive technology into the internet. In Proceedings of the 1st Workshop on Hot Topics in Networks (HotNets-I), Princeton, NJ, USA, Oct. 2002.

[34]

I. Pratt and K. Fraser. Arsenic: A user-accessible gigabit ethernet interface. In Proceedings of the Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM-01), pages 67--76, Los Alamitos, CA, USA, Apr. 22--26 2001. IEEE Computer Society.

[35]

D. Reed, I. Pratt, P. Menage, S. Early, and N. Stratford. Xenoservers: accounted execution of untrusted code. In Proceedings of the 7th Workshop on Hot Topics in Operating Systems, 1999.

Digital Library

[36]

J. S. Robin and C. E. Irvine. Analysis of the Intel Pentium's ability to support a secure virtual machine monitor. In Proceedings of the 9th USENIX Security Symposium, Denver, CO, USA, pages 129--144, Aug. 2000.

Digital Library

[37]

C. P. Sapuntzakis, R. Chandra, B. Pfaff, J. Chow, M. S. Lam, and M. Rosenblum. Optimizing the Migration of Virtual Computers. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 377--390, Boston, MA, USA, Dec. 2002.

Digital Library

[38]

L. Seawright and R. MacKinnon. VM/370 -- a study of multiplicity and usefulness. IBM Systems Journal, pages 4--17, 1979.

Digital Library

[39]

P. Shenoy and H. Vin. Cello: A Disk Scheduling Framework for Next-generation Operating Systems. In Proceedings of ACM SIGMETRICS'98, the International Conference on Measurement and Modeling of Computer Systems, pages 44--55, June 1998.

Digital Library

[40]

V. Sundaram, A. Chandra, P. Goyal, P. Shenoy, J. Sahni, and H.M.Vin. Application Performance in the QLinux Multimedia Operating System. In Proceedings of the 8th ACM Conference on Multimedia, Nov. 2000.

Digital Library

[41]

D. Tennenhouse. Layered Multiplexing Considered Harmful. In Rudin and Williamson, editors, Protocols for High-Speed Networks, pages 143--148. North Holland, 1989.

[42]

C. A. Waldspurger. Memory resource management in VMware ESX server. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 181--194, Boston, MA, USA, Dec. 2002.

Digital Library

[43]

A. Whitaker, M. Shaw, and S. D. Gribble. Denali: Lightweight Virtual Machines for Distributed and Networked Applications. Technical Report 02-02-01, University of Washington, 2002.

[44]

A. Whitaker, M. Shaw, and S. D. Gribble. Scale and performance in the Denali isolation kernel. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI 2002), ACM Operating Systems Review, Winter 2002 Special Issue, pages 195--210, Boston, MA, USA, Dec. 2002.

Digital Library

Cited By

Jin MTang HQiu HYang J(2025)Machine learning-based co-resident attack detection for 5G clouded environmentsComputer Networks10.1016/j.comnet.2024.111032258(111032)Online publication date: Feb-2025
https://doi.org/10.1016/j.comnet.2024.111032
Tan KZhan DYe LZhang HFang BTian Z(2025)A high-performance real-time container file monitoring approach based on virtual machine introspectionThe Journal of Supercomputing10.1007/s11227-024-06779-281:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11227-024-06779-2
Bakir FWang SEkaireb TPearson JKrintz CWolski R(2024)Ambience: an operating system for IoT microservicesJournal of Edge Computing10.55056/jec.786Online publication date: 5-Sep-2024
https://doi.org/10.55056/jec.786
Show More Cited By

Index Terms

Xen and the art of virtualization

Recommendations

Xen and the art of virtualization
SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of ...
Bringing Virtualization to the x86 Architecture with the Original VMware Workstation

This article describes the historical context, technical challenges, and main implementation techniques used by VMware Workstation to bring virtualization to the x86 architecture in 1999. Although virtual machine monitors (VMMs) had been around for ...
Securing virtual machine monitors: what is needed?
ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

It is widely believed that the use of a virtual machine monitor (VMM) is at least as secure, if not more secure than separate systems. A recent Information Week survey [6] reports that 55% of responding business technology professionals believe that a ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGOPS Operating Systems Review

ACM SIGOPS Operating Systems Review Volume 37, Issue 5

SOSP '03

December 2003

329 pages

ISSN:0163-5980

DOI:10.1145/1165389

Issue’s Table of Contents

SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles
October 2003
338 pages
ISBN:1581137575
DOI:10.1145/945445
General Chair:
Michael L. Scott
University of Rochester
,
Program Chair:
Larry Peterson
Princeton University

Copyright © 2003 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 October 2003

Published in SIGOPS Volume 37, Issue 5

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3,521
Total Citations
View Citations
72,660
Total Downloads

Downloads (Last 12 months)1,309
Downloads (Last 6 weeks)84

Reflects downloads up to 06 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Jin MTang HQiu HYang J(2025)Machine learning-based co-resident attack detection for 5G clouded environmentsComputer Networks10.1016/j.comnet.2024.111032258(111032)Online publication date: Feb-2025
https://doi.org/10.1016/j.comnet.2024.111032
Tan KZhan DYe LZhang HFang BTian Z(2025)A high-performance real-time container file monitoring approach based on virtual machine introspectionThe Journal of Supercomputing10.1007/s11227-024-06779-281:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11227-024-06779-2
Bakir FWang SEkaireb TPearson JKrintz CWolski R(2024)Ambience: an operating system for IoT microservicesJournal of Edge Computing10.55056/jec.786Online publication date: 5-Sep-2024
https://doi.org/10.55056/jec.786
Türker GBudak Ç(2024)Enhancing Efficiency in Virtualized Environments: Intelligent Solutions for VMware Errors through Artificial Intelligence and API IntegrationAdvances in Artificial Intelligence Research10.54569/aair.15850574:2(78-86)Online publication date: 30-Dec-2024
https://doi.org/10.54569/aair.1585057
Salunke SOuda A(2024)A Performance Benchmark for the PostgreSQL and MySQL DatabasesFuture Internet10.3390/fi1610038216:10(382)Online publication date: 19-Oct-2024
https://doi.org/10.3390/fi16100382
Fabbro SMajor BJenkins DDowler PCasteels KKavelaars JGoliath SGaudet SYeung AKirk H(2024)Innovations and impact of the CANFAR science platformSoftware and Cyberinfrastructure for Astronomy VIII10.1117/12.3020588(54)Online publication date: 25-Jul-2024
https://doi.org/10.1117/12.3020588
Huang ZTan YZhu YTan HLi K(2024)MTDA: Efficient and Fair DPU Offloading Method for Multiple TenantsIEEE Transactions on Services Computing10.1109/TSC.2024.3433588(1-14)Online publication date: 2024
https://doi.org/10.1109/TSC.2024.3433588
da Silva Vde Lima ESchwarzrock JRossi FLuizelli MBeck ALorenzon A(2024)Synergistically Rebalancing the EDP of Container-Based Parallel ApplicationsIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2024.335735335:3(484-498)Online publication date: Mar-2024
https://doi.org/10.1109/TPDS.2024.3357353
Yang YWang S(2024)EdgeOPT: A Competitive Algorithm for Online Parallel Task Scheduling With Latency Guarantee in Mobile Edge ComputingIEEE Transactions on Communications10.1109/TCOMM.2024.341274172:11(7077-7092)Online publication date: Nov-2024
https://doi.org/10.1109/TCOMM.2024.3412741
Nguetchouang KBitchebe SDubuc TCallau-Zori MHubert COlivier PTchana A(2024)SVD: A Scalable Virtual Machine Disk FormatIEEE Transactions on Cloud Computing10.1109/TCC.2024.339139012:2(684-696)Online publication date: Apr-2024
https://doi.org/10.1109/TCC.2024.3391390
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents