Xen Project Virtualization Updated with Improved VMI and Security

The Release Marks The Best Quality and Quantity of Contribution

San Francisco, October 13, 2015 -- The Xen Project, Collaboration Project hosted at The Linux Foundation, today announced the release of Xen Project 4.6. The new release comes equipped with greater security, improvements to network throughput as well as upgraded migration.

With this release, Xen Project’s Virtual Machine Introspection (VMI) is natively supported on both Intel and ARM chips, making it an ideal API for developers building monitoring and security applications. Additional updates allow for increased stability, scalability and usability to create a stable baseline for third-party security applications, including malware detection, forensics, security auditing and more.

Updates to the VMI create the foundation for easier integration with IT monitoring tools for more centralized management, while the inclusion of Intel® Cache Allocation Technology (CAT) and Memory Bandwidth Monitoring (MBM) enable additional system resources monitoring.

Major contributions from Citrix, Suse, Oracle, Intel, Linaro, Fujitsu, Novetta, Red Hat, Zentific, BitDefender, NSA, Verizon, Xilinx, Cavium, Huawei, Broadcom, GlobalLogic, AMD and a number of universities and individuals are pushing Xen Project innovation forward in areas such as security, performance and quality. Xen’s functionality continues to evolve to better serve new compute infrastructures such as mobile, hyper-scale computing, massive workloads, security-intensive applications, embedded computing, cloud computing, hosting providers, and hardware appliances.  

“Stability, performance and security are critical when it comes to running software on the modern Internet and cloud systems,” said Lars Kurth, Xen Project Advisory Board Chairperson. “The new Xen Project release puts these capabilities front and center and allows system administrator to determine where system vulnerabilities might lie to proactively assess potential security risks and to centralize and monitor how instances in IT infrastructure are affecting the overall stability of the environment.”

“Citrix has built the Xen Project Hypervisor 4.6 release into XenServer Dundee, which recently entered public beta. The alignment of the release cycle of Xen 4.6 and the production of the XenServer Dundee series of alpha and beta releases allowed us to improve the quality of both Xen and XenServer by continuously testing the XenServer Dundee and Xen 4.6 integration,” said James Bulpin, Senior Director of Technology and Chief Architect of XenServer, Citrix Systems. “The combination of early testing of Xen 4.6 makes us confident that the latest release will be one of the highest quality Xen Project releases so far, and will help us make XenServer Dundee one of the best XenServer releases as well.”

New features and capabilities of Xen Project 4.6:

  • Enables a new class of security applications: A number of significant improvements to Xen’s Virtual Machine Introspection (VMI) subsystems make it the best hypervisor for security applications. Hardware support for VM Functions (VMFunc) available on Intel’s 4th generation Haswell CPUs and Atom Silvermont CPUs decreases overheads. Support for Virtualization Exceptions is now available on Intel’s 5th generation Broadwell CPUs and Atom Goldmont CPUs has significantly reduced latency. VMI support for ARM CPUs has also been added.
  • Major improvements to scalability: Finer-grained grant table locks lead to significant scalability improvements in the Xen Project. For example, aggregate intrahost network throughput has improved more than 100% in some cases. In addition, byte-range locks were replaced with ticket locks, which have better fairness properties than previously used locks for improved scalability.
  • Redesign of live migration components to better support high availability: The Xen Project Hypervisors Live Migration subsystem implemented its second version (Migration v2) to be more robust, extensible and able to handle next-generation infrastructures. It has been tested by several vendors to ensure it is enterprise-ready. The updates provide better performance for 64 bit systems and add support for cross-bitness migration between 32 and 64 bit hosts. Migration v2 is optimized for PVH and Coarse-grained Lock-stepping (COLO), which will be fully integrated with Xen in the next release. In addition, Page Modification Logging (PML) was implemented for Intel CPUs, improving SpecJBB performance by 7.6% in log dirty mode.
  • Better quality: During the Xen 4.6 release cycle, the Xen Project increased its integration test capability by creating CI loops for Xen Hypervisor and OpenStack testing. Besides running tests on more hardware configurations, the number of test cases nearly doubled during the 4.6 release cycle, contributing to the best quality release yet. This is also reflected in test results by 3rd party vendor test suites, which are regularly run on the Xen Project codebase.
  • ARM support: The new release increases the maximum number of supported VCPUs for 64-bit ARM CPUs from 8 to 128 and adds support for 32-bit userspace applications to 64-bit guests. Additionally, new IP blocks, firmware interfaces and platforms are supported, such as non-PCI passthrough support, OVMF for ARM and GICv2 on GICv3 support. During the hardening phase of Xen 4.6, members of the Xen Project community closely collaborated with the CentOS Virtualization SIG to build and test Xen 4.6 packages for CentOS 7’s 64-bit ARM variant and tested it against OpenStack using libvirt. The full release of the Xen 4.6 CentOS 7 packages is available here.
  • Updates for automotive and embedded systems: The new release added support for two platforms targeting the embedded and automotive market segments: Xilinx Zynq® UltraScale+™ MPSoC and support for the Renesas R-Car Gen2 SoCs.
  • Intel Platform QoS Technologies for improved scalability and performance: Intel® Cache Allocation Technology (CAT) and Memory Bandwidth Monitoring (MBM) are included, which build on the Cache Monitoring Technology (CMT) introduced in Xen 4.5. CAT allows system administrators to assign more L3 cache capacity to individual VMs, resulting in lower latency and higher performance for high-priority workloads such as NFV, real-time and video-on-demand applications. MBM allows system administrators to identify memory bandwidth saturation on a Xen host that may be caused by several memory-intensive VMs running on the same host. Taking corrective actions, such as migrating VMs to a different Xen host, increases scalability and performance in the data center.

Additional Resources

About Xen Project

Xen Project software is an open source virtualization platform licensed under the GPLv2 with a similar governance structure to the Linux kernel. Designed from the start for cloud computing, the Project has more than a decade of development and is being used by more than 10 million users. A Collaborative Project at The Linux Foundation, the Xen Project community is focused on advancing virtualization in a number of different commercial and open source applications including server virtualization, Infrastructure as a Services (IaaS), desktop virtualization, security applications, embedded and hardware appliances. It counts many industry and open source community leaders among its members including: Alibaba, Amazon Web Services, AMD, ARM, Bromium, Cavium, Citrix, Google, Intel, NetApp, Oracle, Rackspace, and Verizon Terremark. For more information about the Xen Project software and to participate, please visit XenProject.org.


Media Contact
Zibby Keaton
Xen Project

Xen Project Announces Alibaba Joins Advisory Board

Company Leverages Open Source Virtualization to Power Online Marketplaces and Aliyun Cloud Services

San Francisco, August 13, 2015 - The Xen Project Collaborative Project hosted at The Linux Foundation today announced Aliyun, the cloud computing subsidiary of Alibaba Group Holding Limited (NYSE: BABA) is a new Advisory Board member.

New Xen Project Partner Hyper Allows Developers To Leverage Docker Technology

Company to Present its New Open Source Project at Xen Project Developer Summit and ContainerCon

SAN FRANCISCO, July 20, 2015--The Xen Project Collaborative Project hosted at The Linux Foundation today announced a partnership with Hyper, a company offering an open source project that allows developers to run Docker images with Xen Project virtualization. Based in China, the company will be presenting “Hyper: Make VM Run Like Containers” at Xen Project Developer Summit, Aug. 17-18. The Hyper Project allows developers to run Docker images with any Xen hypervisor Xen 4.5 or later and is available for download here.

Xen Project Community Announces Program For Developer Summit In August

Open Source Hypervisor Community to Collaborate on New Innovations and Future of Xen Project at Annual Event

SAN FRANCISCO, June 15, 2014 – The Xen Project Collaborative Project hosted at The Linux Foundation today announced the program and speakers for the Xen Project Developers Summit that unites developers, integrators and power users for in-person collaboration and educational instruction. The event will take place in Seattle on August 17-18, 2015.

Xen Project Hypervisor Delivers Enhanced Performance and Security for Cloud and Enterprise Computing

Improved ARM server and Intel hardware support advance open source virtualization with new workloads and embedded use cases

SAN FRANCISCO, January 15, 2015 The Xen Project Collaborative Project hosted at The Linux Foundation today announced availability of Xen Project Hypervisor version 4.5.

The latest release builds on Xen Project hypervisors ability to deliver the performance, quality, security and scalability that todays large-scale and scale-out computing workloads demand. For x86-based solutions, improved cache monitoring technology provides faster processing and better utilization to resolve the noisy neighbor” dilemma when hosting large, resource-hungry data sets. With market demand growing for 64-bit ARM data centers, Xen Project Hypervisor now supports larger VMs on ARM, handling up to 1TB of guest RAM.

Xen Project Launches Embedded and Automotive Initiative

GlogalLogic To Build on Early Contributions And Spearhead New Development

CHICAGO Xen Project Developer Summit Aug. 18, 2014 The Xen Project Collaborative Project hosted at The Linux Foundation today announced a new Embedded and Automotive initiative. Successful in running the worlds largest clouds and first to market with ARM support, a growing number of companies are increasingly interested in advancing open source Xen Project virtualization in non-data center scenarios.

Xen Project User Summit Highlights Advanced Use Cases for Leading Open Source Hypervisor

Event to Discuss Virtualization Innovation and Best Practices With Cloud Computing and Security

SAN FRANCISCO, July 28, 2014 – The Xen Project Collaborative Project hosted at the Linux Foundation today announced the presenters and full program for the Xen Project User Summit that gathers developers, integrators and power users for in-person collaboration and educational instruction. The event will take place in New York City on September 15, 2014.