Embedded systems become virtualized, IoT security concerns continue and the container community diversifies… What else will happen to the hypervisor and beyond in 2017? Two members of the Xen Project, Stefano Stabellini and James Bulpin, provide insight on where the hypervisor is going in 2017 and other virtualization and infrastructure trends to watch out for in this VMblog post.
This is a reprint of the following Linux.com article by Alex Agizim, VP, CTO Embedded Systems at GlobalLogic
“Smart car” technology had a huge presence at CES 2015, from BMW’s 360-degree collision avoidance and parking assist features to Audi’s Human Machine Interface (HMI) that connects to an iPhone or Android device. And with both Apple and Google jumping into the market with their CarPlay and Android Auto IVI systems, the automotive industry is on the brink of some significant changes.
For example, thanks to new developments in open source virtualization, OEMs and car manufacturers are closer than ever to achieving a secure, flexible, robust, and customizable integrated cockpit — one that keeps drivers safe while meeting consumers’ connected car expectations. Already well-known for providing security, stability, and isolation in the datacenter, automotive virtualization is gaining wider attention due to additional hardening and new support for ARM.
While this is certainly exciting, virtualization remains a roadblock to some in the smart car industry. I personally had the opportunity to demonstrate GlobalLogic’s Nautilus platform for automotive virtualization at GENIVI’s CES demo and networking event. Leveraging a TI J6 SoC, I demo’d a dual-screen virtual cockpit with one screen emulating a Linux-powered driver information display, and the other screen emulating an Android-powered IVI system. The entire configuration ran on Xen Project Hypervisor 4.5 with three domains: Dom0 (thin control), DomU (Linux), and DomU (Android).
During the demo, I showcased how Nautilus achieves an overall system boot time of 8 seconds, an early RVC of 1.5 seconds, and secure and reliable peripheral sharing (including GPUs). Most importantly, I demonstrated how even if the Android virtual machine crashes, it has absolutely no influence on the mission-critical Linux virtual machine. With Nautilus automotive software, developers can host a number of VMs that are completely sandboxed from each other, thereby ensuring that all vehicle services will continue to operate even if one specific component fails.
The demo was well-received by GENIVI’s attendees, and I got the impression that many Tier 1 OEMs were thinking about using virtualization in their next-gen platforms. This is a huge milestone because, up until very recently, virtualization had a bad rep in the automotive industry. Previous attempts at virtualization using ARM A9 architecture ultimately failed because there was no hardware support for it. Many were also highly reluctant to use open source technology because it lacked proper compliance to strict auto industry regulations. But with platforms like Nautilus, developers can leverage cutting-edge open source technology that is ISO 26262 certification ready to create secure and reliable automotive virtualization experiences.
In fact, GlobalLogic’s goal is to make Nautilus part of the reference Automotive Grade Linux (AGL) software, an open source project that is developing a common, Linux-based software stack for the connected car. We are also a founding leader for Xen Project’s Embedded and Automotive initiative. GlobalLogic is working to add the Xen-based technology to the AGL spec and is further developing the platform’s real-time scheduling and peripheral sharing features to improve the use of a single physical CPU for multiple guest OSes and peripheral devices. We’ll soon be extending QNX and Tizen IVI 3.0 support to improve the functionality of other features. Finally, we are also expanding Nautilus to support even more SoCs in the next six months, such as Renesas R-Car H2/M2, which offers hardware support for virtualization.
Based on my work with the Nautilus platform and my observations of the general automotive industry, I wouldn’t be surprised to see the first PoCs for automotive virtualization coming out of China and Japan later this year. The momentum behind smart car technology development is very strong right now, and I’m excited to see what happens when automotive OEMs finally start taking advantage of virtualization’s many possibilities.
By Xing Lin
This document describes steps I took to setup a compute node based on Ubuntu 14.04 for OpenStack “juno”, using the Xen Project via libvirt approach. Openstack does not support this approach well as it is in Group C of the hypervisor support matrix for Openstack. You can hardly find any tutorial online describing this approach and this might be the first. Let’s get started!
Follow “OpenStack Installation Guide for Ubuntu 14.04″ to setup the control node and network node, following the three-node architecture with OpenStack Networking (neutron). This involves lots of configuration and could take a day or two. Check that the control node and network node is working.
Both businesses and consumers rely on public clouds for a range of tasks and activities from collaboration and video streaming to gmail and Netflix. New companies are born with just a dozen employees, a laptop and an Internet connection practically overnight. This is all thanks to cloud computing.
It’s no surprise that in the next six years, almost 90 percent of new spending on Internet and communications technologies, a $5 trillion global business, will be on cloud-based technology, according to industry analyst firm IDC. Cloud applications will also account for 90 percent of total mobile data traffic by 2018, according to the Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2013–2018.
The benefits for users are almost too numerous to count, but most IT professionals agree that cloud computing epitomizes constant change. Its ability to provide ubiquitous, on-demand access to a shared pool of networks, servers, storage, and services whenever and wherever they are needed is creating both market opportunity and market upheaval.
To temper the turbulence, capitalize on the opportunities and best prepare for any number of cloud unknowns, several of the world’s largest public providers including Amazon Web Services, Rackspace, IBM/SoftLayer and Verizon Terremark rely on Xen Project virtualization. Open source Xen Project software offers superior IT efficiencies, workload balancing, hyperscalability and tight security by running VMs on a cloud service.
While today the media is focusing on price wars and the possible commoditization of infrastructure as a service (IaaS), cloud providers like Verizon Terremark are innovating with novel Quality of Service agreements and new levels of automation. In his talk in Chicago at our Xen Project Developer Summit, Verizon Terremark’s Don Slutz will present an overview of the Verizon Cloud architecture based on Xen.
“It’s the core foundation of the Verizon Cloud, allowing our users to run any type or size workload they’d like to. Xen is critical to Verizon. Competing solutions were either too cost prohibitive or lacked the security controls that Xen has,” Don said.
Verizon Terremark is a long-time advocate of open standards and is more actively involved than ever before in the open source ecosystem. Verizon sponsors and participates in Xen Project software, invests in CloudStack and most recently joined the Cloud Foundry Foundation, hoping to see the cloud market mature quickly and provide businesses with cloud-based offerings that address specific needs like performance, choice, cost and flexibility.
For the past three years, Don has worked on integrating and designing Xen for the Verizon Cloud architecture along with seven full-time engineers. Today, clients are fully deployed on Verizon’s IaaS based on Xen. A focal point of his talk will be Verizon’s Quality of Service (QoS) goals with CPU, memory, network and disk performance.
“Often clouds end up requiring far too much support personnel, which we are trying to rectify. With our QoS agreement, we allow users to set the performance parameters their business requires and guarantee that Verizon will back these up at all times. Instead of focusing on speed or load size, we’ll guarantee certain CPU, memory, network or disk performance. This is really unique in the industry,” he added.
In addition to delivering workload efficiency, security and cost savings to its cloud customers, Verizon is also giving back to the Xen Project community.
“We’re working to make Verizon Cloud a high capacity service that allows people to move existing VMs easily onto it it,” Don said. “Our goal is to add enough VMWare support so that a guest can be exported from VMWare and automatically run without any changes on Xen.”
Verizon’s VMWare code is currently in review and in the past year has contributed 40 change sets that totals 4,300 lines of code.
Proof that demand for cloud services is growing and spurring more change, Don will also address Verizon’s design goals to move from three to seven data centers in the near future. If you’re interested in learning more, be sure to register today for the Xen Project Developer Summit to hear Don present on Tuesday, August 19 from 9 to 9:45 a.m.
About Don Slutz
Currently, Don works for Verizon Terremark enhancing Xen, which is the basis for Verizon Cloud. He got started early (1970) in computers because of his father Dr. Ralph J. Slutz and spent 16 years at Prime Computer in operating systems. He has extensive networking, performance, and testing experience.
The OpenMirage project is seeking to become a Xen.org hosted project, as defined in the Xen Governance process. To become a Xen.org hosted project, a project proposal is needed that is first submitted for community review. The review is followed by a vote by eligible community members, which if successfull adds the project to the Xen.org incubator. The project can then graduate as outlined in the Xen Governance process.
What is Open Mirage?
The following recording of a XenSummit presentation by Anil Madhavapeddy, the Mirage project lead, introduces the project, explains why it is relevant to Xen.org and concludes with some interesting benchmarks and discussion.
Xen.org recently released a number of (related) security updates, XSA-7 through to -9. This was done by the Xen.org Security Team who are charged with following the Xen.org Security Problem Response Process.
As part of the process of releasing XSA-7..9 several short-comings (a few of which Ian Jackson has discussed already in Security vulnerabilities – the coordinated disclosure sausage mill) were found in the process.
In order to address these short-comings we have started a discussion on the xen-devel mailing list which describes the issues which we faced and proposes some potential options for updates. However this process is supposed to serve you, the Xen user community, and therefore your feedback and input is critical to ensuring that the policy meets the needs of the community.
So whether you are a small or large consumer of Xen you should feel free to have your say and to help formulate an updated policy which best serves the needs of the community. To take part in the discussion please send mail to firstname.lastname@example.org.