We are happy to share that the Xen Project, a project hosted at The Linux Foundation, has released Xen Project Hypervisor 4.8 which improves code quality, security hardening and delivers new features. This release offers benefits to traditional server virtualization, Infrastructure as a Services (IaaS), hyperscale clouds, security applications, embedded systems and hardware appliances. Oracle is a member of the Xen Project Advisory Board and has been using and supporting the Xen Project Hypervisor for Oracle VM Server for x86 for many years.
Xen Project software is an open source virtualization platform licensed under the GPLv2 with a similar governance structure to the Linux kernel. Designed from the start for cloud computing, the Project has more than a decade of development and is being used by more than 10 million users. Xen Project technology continues to see growth in a broad range of environments due to its flexibility, extensibility and customizability.
Major contributions for the Xen Project Hypervisor 4.8 release come from ARM, BitDefender, Bosch, Citrix, Freescale, Intel, Linaro, Oracle, Qualcomm, SUSE, Star Lab, the US National Security Agency, Xilinx, Zentific, and a number of universities and individuals. A few key enhancements:
- Live Patch enhancement: Security has consistently been the focus of the Xen Project. In the Xen Project Hypervisor 4.7, Live Patch was introduced to enable cloud administrators to minimize downtime and improve the user experience with non-disruptive security patching. In 4.8, Live Patch is now able to look for the “hooks” section in the payload and execute code from there. This update gives the patch author more control in modifying data and code. It also expands the capability for ARM and adds a way to execute the Live Patch payload.
- Split out and re-license libacpi: The code inside hvmloader to generate ACPI data for guests is split out as a separate library, libacpi, and has been re-licensed from GPL to LGPL and can now be shared across x86 and ARM. This change enables advancement in the ParaVirtualized Hardware guests (PVH). This not only improves performance and security, but also simplifies the architecture and Xen Project Hypervisor-OS interface significantly.
- PVH v2 update: PVH v2 guest (without PCI passthrough support) ABI is also now stabilized. PVH v2 enables faster and lower latency workloads. Guest operating system developers can start porting OSes to this mode. PVH is an extension to the classic Xen Project Paravirtualization (PV) that uses the hardware virtualization extensions available on modern x86 processors. PVH uses PV drivers for boot, I/O and x86 hardware virtualization extensions for page table operations, system calls and other privileged operations. PVH does not use emulated devices such as QEMU. The end result is the best characteristics of all the virtualization modes on PVH — a simple, fast, secure interface, low memory overhead, while taking full advantage of the hardware.
- Performance enhancements: Previous releases had improved certain highly contested code paths such as switching from byte lock to qticket lock, making read/write locks fair and splitting locks for grant operations. In the Xen Project Hypervisor 4.8 release, an optimization to TLB flush is introduced to greatly reduce the number of flushes needed during domain creation. This can reduce domain creation time for very large domains (with hundreds of gigabytes of RAM) from a few minutes to tens of seconds. Furthermore, the latency of "gettimeofday" call has been reduced by an optimization called Virtual Dynamic Shared Object (vDSO) to improve the performance for database and Java workloads.
- Credit2 scheduler is now supported: Compared to the default Credit scheduler, the Credit2 scheduler is more scalable and better at supporting latency-sensitive workloads such as VDI, video and sound delivery, as well as unikernel applications. Credit2 is still based on a general purpose, weighted fair share, scheduling algorithm, unlike some of the more specialized Xen Project schedulers such as RTDS and ARINC653.
- Read the announcement by The Linux Foundation for the complete list of enhancements delivered in the Xen Project Hypervisor 4.8.
Oracle's contributions to the Xen Project and continued collaboration with the community enable us to help our customers build their open cloud infrastructure. The Xen Project Hypervisor has been customized and optimized to integrate into the larger, Oracle-developed virtualization server - Oracle VM Server for x86. Oracle Linux and Oracle VM power Oracle Cloud, Oracle Engineered Systems (Oracle Exadata Database Machine, Private Cloud Appliance, etc.) and allow customers the flexibility to run the most demanding workloads on their infrastructure of choice.
Some of the performance and security enhancements in Xen Project 4.8 have been integrated into the latest update of Oracle VM Server for x86, which you can download by following the instructions here. For more information about Oracle Linux and Virtualization, visit www.oracle.com/virtualization.