Intel inguqulelo entsha ye-hypervisor . I-hypervisor yakhelwe phezu kwamacandelo
iprojekthi edibeneyo , apho, ngaphezu kwe-Intel, i-Alibaba, i-Amazon, i-Google kunye ne-Red Hat nayo ithatha inxaxheba. I-Rust-VMM ibhalwe ngolwimi lwe-Rust kwaye ikuvumela ukuba wenze i-hypervisors ejongene nomsebenzi othile. I-Cloud Hypervisor yenye ye-hypervisor enjalo ebonelela ngenqanaba eliphezulu lokujonga umatshini we-virtual (VMM) osebenza ngaphezulu kwe-KVM kwaye ilungiselelwe imisebenzi yamafu. Ikhowudi yeprojekthi ilayisenisi phantsi kweApache 2.0.
I-Cloud Hypervisor igxile ekusebenziseni ukuhanjiswa kweLinux yanamhlanje kusetyenziswa izixhobo ezisekelwe kwi-virtio-based paravirtualized. Phakathi kweenjongo eziphambili ezikhankanyiweyo zezi: ukuphendula okuphezulu, ukusetyenziswa kwememori ephantsi, ukusebenza okuphezulu, ukucwangciswa okulula kunye nokunciphisa ii-vectors ezinokuthi zihlaselwe.
Inkxaso yokulinganisa igcinwa isezantsi kwaye kugxilwe kwiparavirtualization. Okwangoku kuphela iisistim ze-x86_64 ezixhaswayo, kodwa inkxaso ye-AArch64 icwangcisiwe. Kwiinkqubo zeendwendwe, kuphela i-64-bit yokwakha ye-Linux exhaswayo okwangoku. I-CPU, imemori, i-PCI kunye ne-NVDIMM ziqwalaselwe kwinqanaba lendibano. Kuyenzeka ukufudusa oomatshini benyani phakathi kwabancedisi.
Kwinguqulelo entsha:
- Umsebenzi uqhubekile ekuhambiseni i-I/O yeparavirtualized ukuya kwiinkqubo ezahlukeneyo. Ukukwazi ukusebenzisa i-backends yongezwe ukusebenzisana nezixhobo zebhloko . Utshintsho lukuvumela ukuba udibanise izixhobo zebhloko ezisekelwe kwimodyuli ye-vhost-umsebenzisi kwi-Cloud Hypervisor, njenge , njengezinto ezingasemva zokugcina iparavirtualized;
- Inkxaso yokuhambisa imisebenzi yenethiwekhi kwi-backends, yaziswa ekukhululweni kokugqibela , eyandisiweyo nge-backend entsha esekwe kumqhubi womnatha wenyani . I-backend ibhalwe kwi-Rust kwaye ngoku isetyenziswa kwi-Cloud Hypervisor njengeyona nto iphambili ye-para-virtualized network architecture;
- Ukwandisa ukusebenza kakuhle kunye nokhuseleko lonxibelelwano phakathi kwendawo yokusingatha kunye nenkqubo yeendwendwe, ukuphunyezwa kwe-hybrid yesokethi kunye ne-AF_VSOCK idilesi (i-virtual network sockets), esebenza nge-virtio, iphakanyisiwe. Ukuphunyezwa kusekelwe kuphuhliso lweprojekthi , iphuhliswe yiAmazon. I-VSOCK ikuvumela ukuba usebenzise i-API esemgangathweni ye-POSIX Sockets yokusebenzelana phakathi kwezicelo kwiindwendwe kunye namacala abamba, okwenza kube lula ukulungelelanisa iinkqubo eziqhelekileyo zothungelwano kunxibelelwano olunjalo kunye nokuphumeza ukusebenzisana kweenkqubo ezininzi zabathengi kunye nesicelo somncedisi omnye;
- Unikeze inkxaso yokuqala yolawulo lwe-API usebenzisa i-HTTP protocol. Kwixesha elizayo, le API iya kwenza ukuba kukwazi ukuqalisa imisebenzi esynchronous kwiinkqubo zeendwendwe, ezifana nezixhobo ezitshisayo zokuxhuma kunye neendawo ezifudukayo;
- Kongezwe umaleko kunye nokuphunyezwa kwezothutho ngokusekelwe kwi-virtio MMIO (i-Memory mapped virtio), enokusetyenziswa ukwenza iinkqubo zeendwendwe ezincinci ezingadingi ukulinganisa ibhasi ye-PCI;
- Njengenxalenye yenyathelo lokwandisa inkxaso yokuqhubela phambili iinkqubo zeendwendwe ezihlala kwindlwane, i-Cloud Hypervisor yongeze amandla okuhambisa izixhobo ze-IOMMU ze-paravirtualized ngokusebenzisa i-virtio, ephucula ukhuseleko lwe-nested kunye nokuthunyelwa ngokuthe ngqo kwezixhobo.
- Kubonelelwe ngenkxaso ku-Ubuntu 19.10;
- Kongezwe ukukwazi ukuqhuba iinkqubo zeendwendwe ezingaphezu kwe-64 GB ye-RAM.
Ukongezelela, kunokuqatshelwa kufuphi esweni umatshini virtual , ibhalwe kwakhona kwi-Rust, esekwe kwi-Rust-VMM kwaye isebenza ngaphezulu kwe-KVM. I-Firecracker yifolokhwe yeprojekthi , esetyenziswa nguGoogle ukuqalisa usetyenziso ΠΈ kwiChromeOS. I-Firecracker iphuhliswa yi-Amazon Web Services ukuphucula ukusebenza kunye nokusebenza kakuhle kwe-AWS Lambda kunye ne-AWS Fargate platforms.
Iqonga lenzelwe ukuqhuba oomatshini obubonakalayo kunye ne-overhead encinci kwaye ibonelela ngezixhobo zokudala nokulawula iindawo ezizimeleyo kunye neenkonzo ezakhiwe kusetyenziswa imodeli yophuhliso engenamncedisi (umsebenzi njengenkonzo). I-Firecracker ibonelela ngoomatshini abakhaphukhaphu, ababizwa ngokuba zii-microVMs, abasebenzisa itekhnoloji ye-hardware ye-virtualization ukubonelela ngokuzimela ngokupheleleyo ngelixa uhambisa ukusebenza kunye nokuguquguquka kwezikhongozeli zemveli. Ngokomzekelo, xa usebenzisa i-Firecracker, ixesha elisuka kumzuzu we-microVM iqaliswe ekuqaleni kokusetyenziswa kwesicelo alidluli i-125ms, ekuvumela ukuba uqalise oomatshini abatsha be-virtual kunye nobukhulu beendawo ze-150 ngomzuzwana.
Ukukhutshwa okutsha kwe-Firecracker yongeza indlela yokusebenza ngaphandle kokusungula umphathi we-API ("-no-api"), ukukhawulela indawo engqongileyo kuphela kwimimiselo enzima kwifayile yoqwalaselo. Uqwalaselo olungatshintshiyo lucaciswe kusetyenziswa "--config-file" ukhetho kwaye luchazwe kwifomathi ye-JSON. Ukusuka kwiinketho zomgca womyalelo, inkxaso ye-"-" isahluli nayo yongezwe, iiflegi ezichazwe emva kokuba zigqithiswe kwikhonkco ngaphandle kokucubungula.
IAmazon, ephuhlisa iFirecracker, nayo ekuboneleleni ngenkxaso kubaphuhlisi bolwimi lwenkqubo yeRust. Kuyaphawulwa ukuba iRust isetyenziswa ngakumbi kwiiprojekthi zenkampani kwaye uphuhliso kuyo sele luphunyeziwe kwiinkonzo ezifana neLambda, EC2 kunye ne-S3. I-Amazon ibonelele ngeprojekthi ye-Rust kunye nesiseko sokugcina ukukhutshwa kunye nokwakha kwi-S3, ukuqhuba iimvavanyo zokubuyisela kwi-EC2, kunye nokugcina indawo ye-docs.rs kunye namaxwebhu azo zonke iipakethi ezivela kwindawo yokugcina i-crates.io.
IAmazon nayo Inkqubo , apho iiprojekthi zomthombo ovulekileyo zinokufumana ukufikelela kwamahhala kwiinkonzo ze-AWS ezingasetyenziselwa ukugcina izixhobo, ukwakha, ukuhlanganiswa okuqhubekayo, kunye nokuvavanya. Phakathi kweeprojekthi esele zivunyiwe ukuba zithathe inxaxheba kule nkqubo, ngaphezu kweRust, AdoptOpenJDK, Maven Central, Kubernetes, Prometheus, uMthunywa kunye noJulia. Ungeniso luyamkelwa kuyo nayiphi na iprojekthi evulelekileyo enikezelwa phantsi kweelayisensi ezivunywe yi-OSI.
umthombo: opennet.ru