I am now at the half way of this book. Since each chapter of the book is written by different authors, one can definitely feel the different styles the various authors used in describing the architecture of their systems. Even the depth can vary considerably from chapter to chapter. For example, this chapter addresses the architecture at a higher level than the previous Facebook chapter. Just like a couple of the previous chapters are written by authors favoring agile programming methodologies, this chapter heavily promotes the open source concept.
Derek Murray and Keir Fraser first gave the background on the Xen project. It is interesting in their description of the Xenoservers that they mentioned that there is mutual distrust between the customer and the provider. It seems to me that the use of Xen only solves this problem in one direction. I can see that Xen provides the provider (assuming to be the one running the hypervisor) protection from the customer but not the other way around. Professor Sam King et al. wrote a paper on malicious virtual-machine monitors (SubVirt: Implementing malware with virtual machines: https://agora.cs.illinois.edu/download/attachments/19924902/04_king06.pdf?version=1&modificationDate=1200454246000) which shows that it is very difficult for upper-layer software to detect malicious lower-layer software. In this case, the customer is running a guest OS on top, it will be difficult for him/her to detect a malicious hypervisor installed by the producer.
The idea of paravirtualization represents the tradeoff between performance and ease of use. Since the authors has listed performance as the first goal, such tradeoff makes sense. It is great that the hardware vendors have then caught on the virtualization trend and provided the right hardware support that software can leverage on to avoid such decision.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment