A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
Sharing and protection in a single-address-space operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on computer architecture
Exokernel: an operating system architecture for application-level resource management
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Lazy receiver processing (LRP): a network subsystem architecture for server systems
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Eliminating receive livelock in an interrupt-driven kernel
ACM Transactions on Computer Systems (TOCS)
Disco: running commodity operating systems on scalable multiprocessors
Proceedings of the sixteenth ACM symposium on Operating systems principles
Performance isolation: sharing and isolation in shared-memory multiprocessors
Proceedings of the eighth international conference on Architectural support for programming languages and operating systems
Resource containers: a new facility for resource management in server systems
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Self-paging in the Nemesis operating system
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Protocol Implementation in a Vertically Structured Operating System
LCN '97 Proceedings of the 22nd Annual IEEE Conference on Local Computer Networks
Modular real-time resource management in the Rialto operating system
HOTOS '95 Proceedings of the Fifth Workshop on Hot Topics in Operating Systems (HotOS-V)
Energy-efficient soft real-time CPU scheduling for mobile multimedia systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
PlanetLab: an overlay testbed for broad-coverage services
ACM SIGCOMM Computer Communication Review
Memory resource management in VMware ESX server
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Scale and performance in the Denali isolation kernel
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Measuring CPU overhead for I/O processing in the Xen virtual machine monitor
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
The eclipse operating system: providing quality of service via reservation domains
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
The origin of the VM/370 time-sharing system
IBM Journal of Research and Development
The design and implementation of an operating system to support distributed multimedia applications
IEEE Journal on Selected Areas in Communications
Proceedings of the 34th annual international symposium on Computer architecture
Agility in virtualized utility computing
VTDC '07 Proceedings of the 2nd international workshop on Virtualization technology in distributed computing
A tool for isolating performance in general-purpose operating systems
Proceedings of the 6th international workshop on Middleware for grid computing
Towards performance isolation in multi-tenant SaaS applications
Proceedings of the 7th Workshop on Middleware for Next Generation Internet Computing
Hi-index | 0.00 |
Virtual machines (VMs) have recently emerged as the basis for allocating resources in enterprise settings and hosting centers. One benefit of VMs in these environments is the ability to multiplex several operating systems on hardware based on dynamically changing system characteristics. However, such multiplexing must often be done while observing per-VM performance guarantees or service level agreements. Thus, one important requirement in this environment is effective performance isolation among VMs. In this paper, we address performance isolation across virtual machines in Xen [1]. For instance, while Xen can allocate fixed shares of CPU among competing VMs, it does not currently account for work done on behalf of individual VMs in device drivers. Thus, the behavior of one VM can negatively impact resources available to other VMs even if appropriate per-VM resource limits are in place. In this paper, we present the design and evaluation of a set of primitives implemented in Xen to address this issue. First, XenMon accurately measures per-VM resource consumption, including work done on behalf of a particular VM in Xen's driver domains. Next, our SEDF-DC scheduler accounts for aggregate VM resource consumption in allocating CPU. Finally, ShareGuard limits the total amount of resources consumed in privileged and driver domains based on administrator-specified limits. Our performance evaluation indicates that our mechanisms effectively enforce performance isolation for a variety of workloads and configurations.