Xen 4.5 Boosts Virtualization Security
The widely deployed open-source virtual technology that powers Amazon's, IBM's and Rackspace's public clouds gets a big update.The open-source Xen virtualization hypervisor project is out today with a major milestone update providing improved performance and enhanced security features. The Xen Project is managed as a Linux Foundation Collaboration project initiative and has multiple stakeholders, including Intel, Citrix, Amazon and Rackspace. Among the new features in the Xen 4.5 update are capabilities aimed at reducing the impact of the so-called "noisy neighbor" issue in multitenant cloud and data center environments. "The noisy neighbor is the situation where you have two processes, A and B," Donald Dugger, virtualization architect at Intel, explained to eWEEK. "Process A can be noisy in that it runs an algorithm that dirties many entries in the cache, evicting cache entries for process B and thereby slowing down process B." As part of Xen 4.5, Intel's Cache Monitoring Technology (CMT) is now supported, which allows users to track which processes are using how much cache and identify the noisy ones, according to Dugger. That is, the process A's that consume too much cache.
Lars Kurth, Xen Project Advisory Board member, explained to eWEEK that CMT is an Intel-only feature. It is part of a new set of Intel Hardware features to monitor CPU utilization as well as enable fine-grained monitoring and control of CPU resources.