[Gllug] Xen - bit of a ramble
Rob Bannocks
rbannocks at yahoo.com
Tue May 16 12:27:52 UTC 2006
> From: "Ryland, Peter"
<peter.ryland at squaregain.co.uk>
> Subject: Re: [Gllug] Xen - bit of a ramble
> Date: Tue, 16 May 2006 10:50:06 +0100
> To: Greater London Linux User Group
<gllug at gllug.org.uk>
>
> On Tue, 2006-05-16 at 02:26 -0700, Rob Bannocks
> wrote:
> > While we are on the topic, can someone explain
> > to me concisely the diffrence between xen and
> > usermode linux?
>
> Usermode linux is basically Linux ported to run as a
> process under
> linux. It doesn't require privileged access to the
> hardware, but
> instead forwards system calls on to the host kernel.
> Therefore, just as
> you can have two users on a system fight for
> resources, you can have two
> UML instances fighting in the same way, with limited
> ability of the
> admin to control it. In terms of isolation of
> virtual machines, this
> isn't terribly good.
>
> Ok, so we all know about how the 80386
> revolutionised intel's line of
> CPUs by adding memory protection and IO protection
> and such. How it
> achieves this is by enabling processes to run in
> different "rings". If,
> say, a process in ring 3 does some IO which it's not
> allowed to do, or
> requests a page of memory that is swapped out or
> something, a parent
> process in a higher ring, say ring 0, can get word
> of this before it's
> carried out and can veto the action (causing a
> segfault), or swap the
> page in or whatever it deems appropriate. So normal
> linux uses this on
> x86 to protect programs from each other and the
> system from programs by
> running the kernel in ring 0 with full access to
> everything and user
> programs in ring 3 with only the ability to make
> system calls to the
> kernel.
>
> The idea behind Xen is to run a "monitor" kernel in
> ring 0 which acts as
> a scheduler for the virtual machine kernels which
> have been ported to
> run under this and in ring 1, and then have user
> processes unchanged
> running in ring 3 as normal. This allows it to have
> fairly good
> isolation between VMs and in practice very minimal
> overhead. In fact, a
> ring 1 kernel can even be given actual hardware
> access for a piece of
> hardware to enable it to use native drivers for that
> hardware,
> eliminating any overhead at all.
>
> HTH,
> Pete
>
>
Hi,
Thanks for your informed reply. Can xen also allocate
shares of the CPU (and for that matter other system
resources) out to the virtual machines so that one
bad process in one bad VM does not eat up all the CPU.
Of putting this another way in Solaris terms can xen
perform "Fair shares" scheduling? Or does xen+linux
simply share out the CPU in the same way linux does
to user process, all be it at a higher level of
abstraction?
Thanks again.
RB
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list