Virtualization: The Bridge to Carrier Grade Linux and COTS Adoption

1
VirtualizationThe Bridge to Carrier Grade Linux
and COTS Adoption

• Tomas Evensen
• Chief Technical Officer

2
Trends Multicore and Virtualization
Wasnt Life Simple?
OS
CPU
2
3
Multicore and/or VirtualizationUsage Scenarios

• Performance
• Consolidation
• Separation/Security
• Migration/Evolution

• Usability
• Portability/Scalability
• Certification
• Reliability

4
Case Study Networking Offload

• Cost (Hardware, Development)
• Performance

• Performance
• Consolidation

Control Plane
Packet Processing
Packet Processing
Packet Processing

• AMP Configuration
• Multiple OS, core loading
• VxWorks High speed IPC, system-level
• debug and profile
• Performance of RTOS with rich Linux environment

Wind River Linux
VxWorks or Executive
VxWorks or Executive
VxWorks or Executive
...
Multicore Processor ( 8, 16, etc., cores)
Core 0
Core 1
Core 2
Core n
5
Case Study Networking Offload (Protected)

• Cost (Hardware, Development)
• Performance

• Performance
• Consolidation

Control Plane
Packet Processing
Packet Processing
Packet Processing

• AMP
• Automated load life cycle management
• Memory protection robustness with low to
• no overhead

Wind River Linux
VxWorks or Executive
VxWorks or Executive
VxWorks or Executive
...
Wind River Hypervisor
Multicore Processor ( 8, 16, etc., cores)
Core 0
Core 1
Core 2
Core n
6
Case Study Asset Bridge

• Cost
• Time-to-market
• Features/ Differentiators

• Migration/Evolution
• Consolidation
• Usability

New Application
Existing Application

• Virtualization and/or AMP
• Leverage and evolve existing assets
• Innovate in new environment
• Networking, industrial

Wind River Linux
Other OS
Wind River Hypervisor
Single or Multicore Processor
7
Case Study Safety, Usability

• Cost
• Safety
• Features/ Differentiators

• Certification
• Consolidation
• Usability

Virtual Board 1
Virtual Board 2
Safety Critical Application
Human Machine Interface Application

• Preserve certification efforts
• Innovate in new environment
• Industrial, transport

VxWorks (Certifiable) or Bare Metal

• Wind River Linux

Wind River Hypervisor (Certifiable)
Single or Multicore Processor
8
Case Study Evolution, Usability

• Cost
• Features/ Differentiators

• Migration/Evolution
• Usability

Virtual Board 1
Virtual Board 2
Real-Time Control Application
Networking/Graphical Application

• Preserve existing assets continue to meet
  real-time constraints
• Innovate in new environment

RTOS

• Wind River Linux

Wind River Hypervisor
Single or Multicore Processor
9
Definitions

• Virtualization Abstraction of computer resources
  (cores, memory, other), hiding the physical
  characteristics from the end user (OS or
  application)
• Hypervisor Software that provides a
  virtualization platform allowing multiple OSes
  (or bare metal virtual boards) to run on a
  system

10
Multiple Operating Systems Challenges
5 - Debug
3
Application
Application
3
VxWorks
Wind River Linux
Application
2
2
1 and 4
1 and 4
1 and 4
Physical Board
IDE
Ethernet
Memory
Core
Timer
Serial
Core

• Hardware resource partitioning
• Multi-OS booting
• High-speed IPC
• Resource access/sharing (consoles, network
  interfaces, file I/O)
• Debug connectivity

11
Hardware Resource Partitioning
12
Virtual Boards
Virtual Board 3
Virtual Board 1
Virtual Board 2
Application
Application
Operating System 1
Operating System 2
Application
Ethernet
Bus
Serial
Ethernet
VCore
Memory
Timer
DMA
VCore
Memory
Timer
DMA
VCore
Memory
Timer
DMA
Wind River Hypervisor
Physical Board
IDE
Ethernet
Memory
Core
Timer
Serial
Core
13
Device Trees Define Boards
Virtual Board 3
Virtual Board 1
Virtual Board 2
Application
Application
Operating System 1
Operating System 2
Application
Device Tree
Device Tree
Device Tree
Serial
Ethernet
Memory
Timer
DMA
Memory
DMA
Bus
MIPC
Memory
DMA
Ethernet
MIPC
Configuration Tool Verification
Configuration Commands
Physical Board
Core
Ethernet
Bus
Memory
Timer
Serial
Core
Ethernet
14
Hardware Resource Partitioning Summary

• Explicit control of hardware resources
• Semantic check of logical boards possible
• Generated device tree provided to hypervisor or
  OS
• Interrupts Steering and mapping (provided by
  virtual interrupt controller)

14
15
Multi-OS Booting
16
Booting
Hypervisor ELF Image
Boot Image (ELF Format)
VxWorks ELF Image (vxWorks.st)
Bare Metal 2
Linux ELF Image (zImage.elf)
Bare Metal 1
Packaging Tool
Bare Metal 1 ELF Image (app1.elf)
Wind River Linux
Bare Metal 2 ELF Image (app2.elf)
VxWorks
XML Configuration
XML Configuration
Image Manifest
Hypervisor
17
Multi-OS Booting Summary

• Ease of building system and loading target
• Configuration files decoupled from image (change
  memory regions, interrupt routing, etc.)
• Integrated life cycle management Notification of
  guest OS failures, ability to manipulate
  (start/stop/reload) from another guest OS

18
High-Speed IPC
19
Tailored IPCs

• Shared Memory
• High performance
• MIPC
• High performance, zero copy
• OS-independent
• 20K footprint
• Hardware support
• Static topology
• TIPC
• 100K footprint
• Full-featured
• Transparent multiboard
• Dynamic topology
• SIPC (Secure IPC)

Physical Board
Core 2
Core 1
Virtual Board
Virtual Board
Virtual Board
App 5
App 6
MIPC
App 4
MIPC
Linux 2
MIPC
Linux 1
Physical Board
Phys Board
Core
Virtual Board
Virtual Board
App
App
App
TIPC
TIPC
TIPC
Linux 3
Linux 1
Linux 2
Ethernet
Ethernet
20
High-Speed IPC Summary

• High-speed IPC available not just between
  physical cores but also between virtual boards
• Memory protection provided by VMMU ensuring IPC
  does not corrupt system memory, improving
  reliability
• Selection between performance (MIPC),
  transparency (TIPC), and security (SIPC)

21
Resource Sharing/Access
22
Shared Devices
Virtual Board
Virtual Board
APP
APP
NET
NET
Linux 2
Linux 1
VDD
VDD
VB MIPC Services
VB MIPC Services
DM
DD
Hypervisor
Ethernet

• Use virtual devices when the board has too few
  physical devices
• Use existing driver from another OS
• Share when one OS is not using entire capacity of
  device
• Is transparent to operating system

23
Shared Networking and I/O
Virtual Board
Virtual Board
APP
NET
DSS
VB MIPC Services
DSSC
VB MIPC Services
FILE
I/O
DIOS
DIOSC
OS
OS
DD
DD
Wind River Hypervisor
Ethernet
IDE

• One networking stack and/or file system supports
  any number of operating systems
• There is a smaller footprint than with one stack
  for each OS
• An operating system without networking or file
  system can still use them

24
Resource Sharing/Access Summary

• Device/service access is the same as unsupervised
  AMP however, since the IPC between logical
  boards uses memory protected by the VMMU,
  robustness is improved.

25
Debug Connectivity
26
Multiple Context Debugging with Wind River
Workbench
Host System
Target System

• Multiple Targets
• One Wind River Workbench instance
• Target manager
• Multiple simultaneous connections,
  includingshared connections
• Multiple OS types supported simultaneously
• Multiple target processors supported
  simultaneously

• Control
• Processors

Function Processors

• Multiple Contexts
• Core, process, or thread
• Each context has a set of views
• Source
• Stack
• Registers

• Processes/Threads
• Qualify breakpoints on a process or specific
  thread
• Stop the entire process or an individual thread

Target boards may be any mix of physical,
logical, or virtual boards and any mix of uP or
SMP VxWorks and Wind River Linux, and bare metal
software
26
27
Virtualization and Multicore with Workbench
Host System with Wind River Workbench
WDB
WDB
WDB
TCP/IP
OCD
MIPC
28
Core Virtualization
29
Multicore Multiprocessing
SMP AMP
Virtualization Bare
CORE
CORE
CORE
CORE
CORE
Virtual Board
Virtual Board
Virtual Board
Virtual Board
Virtual Board
SMP OS
Wind River Linux
VxWorks
VxWorks
VCore
Mem
Timer
Bus
IDE
Serial
VC
M
VC
M
VC
M
VC
M
VCore
T
T
T
T
E
Wind River Hypervisor
Configuration
Ethernet
Serial
Memory
Bus
Core
Core
Core
Core
Core
30
Protection and Zero Overhead
Virtual Board
Virtual Board
Virtual Board
Virtual Board
Windows
Linux
Legacy
Core
Mem
Eth
Core
VCore
M
VCore
M
Wind River Hypervisor
VxWorks
Ethernet
Serial
Memory
Core
Core
Memory
Core
Core
Eth
Configuration

• Windows, Linux, and legacy are protected from
  each other but not from VxWorks
• VxWorks is protected from all other guests
• VxWorks directly accesses all its hardware
  Hypervisor does not execute on VxWorks core

31
Conclusions

• Multi-OS AMP designs are workable and the best
  solution in some situations
• Introducing a hypervisor provides these
  advantages
• Development productivity (automated partitioning,
  fewer faults, debug improvements)
• More robust systems (memory protection, interrupt
  handling, life cycle management)
• Optimization of hardware resources (shared
  resources, core virtualization, leverage hardware
  virtualization features)

31
32
Wind River for Virtualization

• Based on single-point-of-failure avionics
  technology and undergoing multi-million-dollar
  evaluation to EAL6 for security
• Optimal integration with Wind River operating
  systems and open/flexible to support other
  operating systems
• Extensive hardware support (PPC, Intel, MIPS,
  ARM, others)
• Hypervisors scalability allowing balancing of
  security, reliability, and safety against
  performance and footprint
• Wind River Workbench providing configuration,
  flexible debug approaches, and performance
  analysis and tuning
• Not just about virtualization needs to be part
  of a comprehensive multicore software solution

33
Wind River Multicore Software Solution

• Flexible multicore software configurations
  (SMP/AMP/virtualization and combinations thereof)
• Support for real-time (VxWorks) and general
  purpose (Wind River Linux) OSes and the
  openness/flexibility to support other operating
  systems and executives
• High-speed, transparent, and/or secure IPC
  infrastructure across board, core, and operating
  system boundaries
• Optimized middleware for multicore (networking
  offload/crypto)
• Tools to configure, debug, analyze, and optimize
  entire multicore and multi-OS systems

34
Looking Forward

• Wind River Multicore Software Solution provides
  for the optimization of devices by allowing
  device makers to get the most out of new
  hardware, leverage existing software assets, and
  innovate with new software
• It futureproofs investments by being adaptable to
  future hardware and software as it becomes
  available

35
(No Transcript)