Virtual Open Systems Newsletter
Edition of September 2014
In this edition, Virtual Open Systems highlights its latest activity on vhost-user and its integration with OpenStack, VFIO on ARM for platform devices, dissemination in cyber security and heterogeneous VM migration, and mixed criticality dual-OS (GPOS and RTOS) coexistence on ARM platforms:
- Product news: vhost-user now Upstream
- NFV networking: vhost-user & SnabbSwitch Integration with OpenStack
- Cyber security dissemination: Virtual Open Systems at CSP 2014 Forum
- Open source leadership: VFIO on ARM for Platform Devices
- Leading the innovation: VM Migration in Heterogeneous Cloud
- Architecture research: Mixed Criticality dual-OS on ARM Platforms
Development Activity in Virtualization on ARM Embedded Platforms & Networking
Product news: vhost-user now Upstream
vhost-user is an open source virtual machine (VM) communication protocol designed by Virtual Open Systems to replace the in-kernel Linux vhost infrastructure with a user-space implementation, providing a direct and fast connection between VMs and user-space applications through a zero-copy mechanism. Both the QEMU and libvirt communities have accepted vhost-user, which is now part of the mainline code branch. The vhost-user protocol is used, for example, by the virtual switch SnabbSwitch to communicate with guests and to implement an SDN/NFV architecture. Because of its proven flexibility and performance, other user-space network frameworks are now planning to switch to vhost-user.
NFV networking: vhost-user & SnabbSwitch integration with OpenStack
As a next step, Virtual Open Systems is committed to NFV and the cloud, aiming to provide a complete NFV solution based on vhost-user integration with OpenStack, libvirt and QEMU, and on SnabbSwitch integration in Neutron through ML2, for which a proof of concept targeting the DT Terastream network is ongoing. To verify the quality of the integrated NFV solution, Virtual Open Systems is actively involved in a custom Continuous Integration process. A further step will include Neutron upstreaming.
Cyber security & privacy dissemination: Virtual Open Systems at the CSP 2014 Forum
The CSP Forum Conference focuses on the market impact of EC-funded Cyber Security and Privacy research activities. At the 2014 edition, Virtual Open Systems shared its experience in the field of isolation and security for ARMv7 and ARMv8 platforms, gained through the implementation of an integrated security solution combining KVM virtual machines, TrustZone, GlobalPlatform TEE and SELinux, along with security hardware extensions developed within the scope of the EC TRESCCA project. Moreover, the post-proceedings of the conference include a scientific contribution (“A Performance Analysis of ARM Virtual Machines Secured using SELinux”), in which Virtual Open Systems shows an I/O performance comparison between secure and unsecured VMs which leads to interesting results.
Open Source Leadership: VFIO on ARM for platform devices improvements
Virtual Open Systems' open source contributions to VFIO on ARM have continued with the ongoing work on VFIO support for platform devices. New functionality introduced in VFIO_PLATFORM includes an improved mechanism to handle interrupt masking and unmasking via an eventfd. When coupled with KVM's IRQFD support, this means fewer exits from a guest when it uses a device. The VFIO on platform devices work is conducted in the context of the EC SAVE FP7 project and is presented at a special session at the 12th IEEE International Conference on Embedded and Ubiquitous Computing in August 2014.
Leading the innovation: KVM & Emulated VM Migration in Heterogeneous Cloud
Virtual Open Systems has investigated a new VM migration concept between KVM and emulated guests. This kind of migration is interesting, for example, in heterogeneous cloud infrastructures composed of different processor architectures. This would enable architecturally different platforms in the cloud to become a target for an outgoing migration. Within the EC TRESCCA project, a scientific paper ("Considering VM migration between IaaS Clouds and mobile Clients: Challenges and Potentials") describing this concept has been submitted to CLOUDNET'14 and accepted for public release.
Architecture research: Mixed Criticality dual-OS Coexistence on ARM Platforms
With its activity in the EC DREAMS project, Virtual Open Systems continues the ongoing development of a mixed criticality dual-OS architecture for automotive and health-care use cases. With such a system configuration, time-critical applications are handled in the RTOS, while the system retains the ability to use Linux/KVM for multimedia applications and feature-rich operating systems in virtual machines. Together with a coordinated scheduling scheme, soft real-time guarantees can be preserved in the GPOS, even when aggressive time constraints are present in the RTOS.