{"id":6986,"date":"2020-10-15T10:50:52","date_gmt":"2020-10-15T14:50:52","guid":{"rendered":"https:\/\/www.lpi.org\/xen-virtualization-and-cloud-computing-03-key-features-xen\/"},"modified":"2023-05-10T04:27:51","modified_gmt":"2023-05-10T08:27:51","slug":"xen-virtualization-and-cloud-computing-03-key-features-xen","status":"publish","type":"post","link":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/","title":{"rendered":"Xen Virtualization and Cloud Computing #03: Key Features of Xen"},"content":{"rendered":"<p>The previous articles in this series introduced virtualization and showed how Xen is designed to provide it efficiently. Here we\u2019ll delve into some interesting features and their importance. A larger list can be found at the appropriate <a href=\"https:\/\/wiki.xenproject.org\/wiki\/Xen_Project_Release_Features\" target=\"_blank\" rel=\"noopener\">project page on features<\/a>. At time of writing this article, the most recent version of Xen Project is 4.13.<\/p>\n<h3>Security-related features<\/h3>\n<p><a href=\"https:\/\/meltdownattack.com\/\" target=\"_blank\" rel=\"noopener\">The Meltdown and Spectre<\/a> processor vulnerabilities, which exploit complex performance-enhancing features of modern microprocessors, have presented formidable challenges to the developers of operating systems and application. Meltdown and Spectre were officially discovered in January 2018. \u00a0This section describes two enhancements to Xen to mitigate against these difficult vulnerabilities.<\/p>\n<p><figure class=\"image\" style=\"margin-right:10px; float:left\"><img decoding=\"async\" alt=\"Xen Panda Mascot\" height=\"210\" src=\"\/sites\/default\/files\/xen-panda-480.png\" width=\"200\" \/><br \/><figcaption><\/figcaption><\/figure>\n<\/p>\n<p>Meltdown, which affects Intel x86, IBM Power, and some ARM microprocessors, allows a malicious process to read data from any address that is mapped to the current process&#8217;s memory space. Effectively, the process can read all memory without permission. The malicious process accomplishes this by finding a timing flaw in the execution of several processor features (such as the cache and pipeline) that are individually secure. At the time of disclosure, this vulnerability affected many products, with impacts on an enormous number of servers and cloud providers. Companies began writing patches to block the Meltdown vulnerability, causing performance losses between 5 and 30 percent.<\/p>\n<p>Spectre also exploits modern performance features. In modern microprocessors, a digital circuit tries to guess the outcome of a conditional operation such as an \u201cif\u2026else\u201d statement, using information gathered before the execution of the program, and prepares for the most likely result. It. In other words, it tries to guess the way of an if-then-else statement will go before it knows it exactly. The name of this technique is branch prediction. It is an important component of modern CPU architectures such as the x86 and plays a critical role in achieving higher performance. Spectre exploits branch predication system to read arbitrary locations in the allocated memory of a program. This attack can be implemented in a browser using JavaScript, so it is important to keep your browser up to date.<\/p>\n<p>On March 15, 2018, Intel reported that it will redesign its CPU processors to help protect against Meltdown and Spectre. On October 8, 2018, Intel added firmware to its latest processors to mitigate against these attacks.<\/p>\n<h4>Hypervisor changes to mitigate against Meltdown and Spectre<\/h4>\n<p>The Xen hypervisor, like other products, was affected by these vulnerabilities, specifically:<\/p>\n<ul>\n<li>\u201cRogue Data Load\u201d (aka SP3, \u201cVariant 3\u201d, Meltdown, CVE-2017-5754)<\/li>\n<li>\u201cBranch Target Injection\u201d (aka SP2, \u201cVariant 2\u201d, Spectre CVE-2017-5715)<\/li>\n<li>\u201cBounds-check bypass\u201d (aka SP1, \u201cVariant 1\u201d, Spectre CVE-2017-5753)<\/li>\n<\/ul>\n<p>There is no way to completely prevent risks from these vulnerabilities, but adding execution boundaries and other checks to code can partially plug the holes. Thus, we talk about \u201cmitigating against\u201d the vulnerabilities.<\/p>\n<p>The initial focus of the Xen Project was on fixes for Meltdown, then Spectre Variant 2, and finally Spectre Variant 1. SP1 and SP2 affect Intel and AMD processors, but ARM processors vary by model and manufacturer. SP3 affects only Intel processors. To mitigate against Meltdown, the Xen Project published three solutions with the names Vixen, Comet, and PTI. Unfortunately, the fix to mitigate against SP1 requires microcode updates from Intel and AMD. Currently, therefore, there is no mitigation for SP1. But its attack surface can be reduced through technology contributed to the Xen Project by Citrix. It works by branch hardening.<\/p>\n<ul>\n<li>SP2 can be mitigated by a combination of microcode, compiler, and hypervisor changes.<\/li>\n<li>SP3 can be mitigated by page-table isolation (PTI).<\/li>\n<\/ul>\n<p>For more up-to-date information about these vulnerabilities and the Xen Project\u2019s responses, see <a href=\"https:\/\/xenbits.xen.org\/xsa\/advisory-254.html\" target=\"_blank\" rel=\"noopener\">our Advisory 254<\/a>.<\/p>\n<h3>Core Scheduling<\/h3>\n<p>This technology, contributed by SuSE Linux, helps to contain the negative effects of a Meltdown or Spectre breach. Normally, every virtual CPU could be scheduled on any physical CPU, and could move between physical CPUs for efficient scheduling. This increased the risk that information could be leaked from one VM to another, just as travel between cities allows an infection to spread faster. The only way to completely mitigate against this vulnerability is to disable hyper-threading, which would cause tremendous performance hits.<\/p>\n<p>The core scheduling feature allows Xen to group virtual CPUs and schedule them on a limited set of physical cores. With this technology, users can keep hyperthreading enabled. Initial benchmarks have shown lost performance for many workloads. SUSE and Citrix are working on the feature, and in upcoming releases we hope to see better trade-offs between security and performance.<\/p>\n<h3>Hypervisor-based Memory Introspection (HVMI)<\/h3>\n<p>This is technology donated by <a href=\"https:\/\/www.bitdefender.com\/\" target=\"_blank\" rel=\"noopener\">Bitdefender<\/a> to the Xen project on July 30, 2020 to protect against malware in the operating systems that run on Xen. <a href=\"https:\/\/xenproject.org\/developers\/teams\/hvmi\/\" target=\"_blank\" rel=\"noopener\">HVMI<\/a> has a key advantage over malware detection systems on guest operating systems: while smart malware can take over a whole guest and disable detection or prevention mechanisms on the guest, the malware has no way to reach into the underlying hypervisor.<\/p>\n<p>Malware has become extremely dangerous and hard to fight for several reasons:<\/p>\n<ul>\n<li>It can enter the system whenever a single unaware user on the system visits an infected web site or opens a file received from a trusted person.<\/li>\n<li>It can exploit operating system vulnerabilities to gain superuser privileges and take over the whole system. Very few operating systems divide privileges in order to limit malware to \u00a0one area.<\/li>\n<li>It has gotten sophisticated enough to hide its files or other traces from administrators, and to disable measures designed the thwart it.<\/li>\n<\/ul>\n<p>\nA remarkable story showing the power of malware concerns an attack known as <a href=\"https:\/\/www.rsa.com\/en-us\/blog\/2017-12\/anatomy-of-an-attack-carbanak\" target=\"_blank\" rel=\"noopener\">Carbanak<\/a>, which infected more than 100 banks in thirty nations and did $1 billion worth of damage globally. In late 2013, an investigation of a bank in Kiev revealed that stealth malware injected by Carbanak monitored the internal systems of the bank for several months successfully covering its tracks. The malware recorded every employee\u2019s activity and sent back videos and images to the intruder without drawing \u00a0any attention..<\/p>\n<p>The <a href=\"https:\/\/www.bitdefender.com\/\" target=\"_blank\" rel=\"noopener\">Bitdefender<\/a> name is familiar to all IT staff. It is a leading global cybersecurity company, protecting over 500 million systems worldwide. Bitdefender and Citrix collaborated on <a href=\"https:\/\/www.citrix.com\/products\/citrix-hypervisor\/\" target=\"_blank\" rel=\"noopener\">Citrix Hypervisor<\/a>. As we know, the hypervisor isolates VMs from each other and provide clean, low-level information about the memory used by each virtual machine. The result of this collaboration is a new security layer that can see everything happening in your infrastructure, but which Malware cannot reach. Bitdefender\u2019s Hypervisor Introspection (HVI) technology detects suspicious activities by working directly with raw memory. At this level, malware can\u2019t hide.<\/p>\n<p>Bitdefender HVI assumes that your systems are not clean, and you can command it to inject cleaning tools into the live virtual machines. The HVI already detects and blocks the most famous attacks, including Carbanak, Turla, APT28, NetTraveler, and Wild Neutron, without knowing the vulnerabilities used by the attackers.<\/p>\n<p>When Bitdefender decided to release HVI to Xen \u00a0as open source, they called it Hypervisor-based Memory Introspection (HVMI). The HVMI technology understands and applying security logic to memory events within running Linux and Windows VMs. It examines the memory in real time for signs of memory-based attack techniques that used to exploit known and unknown vulnerabilities.<\/p>\n<p>Along with this, Bitdefender open sourced its \u201dthin\u201d hypervisor technology, known as <a href=\"https:\/\/github.com\/napocahv\/napoca\" target=\"_blank\" rel=\"noopener\">Napoca<\/a>, and donated it to the Xen Project. The Napoca hypervisor was used in developing HVI technology. A distinctive feature of Napoca is that it virtualizes CPU and memory, not all hardware, and therefore allows hypervisor introspection on machines that don&#8217;t run a full hypervisor.<\/p>\n<h3>Management-related features<\/h3>\n<p>These features reduce the burden of managing hypervisors.<\/p>\n<h4>Late uCode loading<\/h4>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Microcode\" target=\"_blank\" rel=\"noopener\">Microcode<\/a>, often shorted to \u201cuCode\u201d (where the \u201cu\u201d stands for the Greek letter mu), is chip manufacturer firmware, The uCode typically contains mitigations for HW vulnerabilities and is typically updated during system initialization or kernel boot. The update formerly required a reboot and a long down-time. Xen Project 4.13 lets the Xen Hypervisor deploy a uCode update without any reboot. This feature was contributed by Intel.<\/p>\n<h4>Upgraded live-patching<\/h4>\n<p>This is a mechanism for replacing small sections of code in a running hypervisor, so that you don\u2019t have to shut down the hypervisor and terminate all the VMs running on it. The feature is generally used to deploy critical security fixes.<\/p>\n<p><a href=\"https:\/\/xenbits.xen.org\/docs\/4.13-testing\/misc\/livepatch.html\" target=\"_blank\" rel=\"noopener\">Live-patching<\/a> has been around for a while in several Xen-based products, and was included as a tech preview feature since Xen 4.7. Now it is a supported feature on the x86 architecture. The patching does need all activity to be paused, but this pause time should be small. Amazon is working to improve this feature further. We plan to extend it to other architectures besides x86.<\/p>\n<p>Recent improvements to live-patching include the capability to patch inline assembly code, improvements to stacked modules, support for module parameters, additional hooks and replicable apply\/revert actions, extended python bindings for automation, and additional validation of live patches.<\/p>\n<p>Live-patching is not the final goal for \u00a0live updates, because it is limited to small, localized code changes. The Xen Project team is also working on a broader live update feature. When it\u2019s finished, an administrator will be able to upgrade a Xen hypervisor and its tools to a new version without stopping and relaunching the guests.<\/p>\n<h3>Embedded and safety-critical application features<\/h3>\n<p>These features support particular settings that need to run the hypervisor and VMs in unusual ways.<\/p>\n<h4>OP-TEE support<\/h4>\n<p>TrustZone is a security feature of ARM processors, allowing privileged users to run a process is memory shut off from access by other processes. Because there is only one trusted zone on each chip, <a href=\"https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity17\/sec17-hua.pdf\" target=\"_blank\" rel=\"noopener\">sharing it among multiple VMs is difficult<\/a>. Therefore, Xen did not originally offer TrustZone access to guest VMs. Thanks to a feature contributed by <a href=\"https:\/\/www.epam.com\/our-work\/brochures\/automotive-virtualization-by-xen\" target=\"_blank\" rel=\"noopener\">EPAM<\/a>, starting with Xen 4.13, all guests can concurrently run applications on Arm TrustZone without conflicts. More work need to be done on this feature, though.<\/p>\n<h4>Renesas R-CAR IPMMU-VMSA driver<\/h4>\n<p>Automobiles rely increasingly on software. Their multiple, concurrent software processes call for virtualization in order to protect the high-stakes security required in automobiles. Thus, many automotive systems use Xen hypervisors. Access to GPUs is valuable for the virtual processes, in order to achieve the real-time performance needed when the car is in motion, but this requires access to ARM&#8217;s Virtual Memory System Architecture (VMSA). Renesas has added this VMSA support to its ARM-based chips in Xen 4.13, and a driver contributed to the Xen Project by EPAM makes that access available to automobiles\u2019 computing systems.<\/p>\n<h4>Dom0-less passthrough and ImageBuilder<\/h4>\n<p>An earlier article in this series described the central role of the privileged domain, Dom0, in Xen. Because the presence of Dom0 adds significant time (measurable in seconds) to the loading of each VM, some embedded system developers have asked for a Dom0-less architecture. Many embedded \u00a0systems need to have several VMs up and running in less than a second after the user boots the system. The code to implement a Dom0-less architecture was contributed by Xilinx in 2018. The feature does not yet work with Paravirtualization, but works with other forms of Xen virtualization.<\/p>\n<p>Because there is no privileged process and no userspace tools in a Dom0-less Xen, systems using it must load guests using <a href=\"https:\/\/www.denx.de\/wiki\/U-Boot\" target=\"_blank\" rel=\"noopener\">U-Boot, an open-source boot loader<\/a>. The guest images must contain all the required binaries, such as operating system kernels and ramdisks. Thus, a new tool named <a href=\"https:\/\/wiki.xenproject.org\/wiki\/ImageBuilder\" target=\"_blank\" rel=\"noopener\">ImageBuilder<\/a>, whose <a href=\"https:\/\/gitlab.com\/ViryaOS\/imagebuilder\" target=\"_blank\" rel=\"noopener\">code is on GitLab<\/a>, is provided to automate the building of Dom0-less configurations for U-Boot.<\/p>\n<p>Figure 4 shows a Dom0-less architecture.<\/p>\n<p><figure class=\"image\" style=\"margin-right:10px; float:left\"><img fetchpriority=\"high\" decoding=\"async\" alt=\"Figure 4. Xen running without Dom0\" height=\"356\" src=\"\/sites\/default\/files\/xen-series-03.jpg\" width=\"1054\" \/><br \/><figcaption>Figure 4. Xen running without Dom0<\/figcaption><\/figure>\n<\/p>\n<p>The next component of this series examines the interesting relationship between Xen and some other forms of virtualization, notably containers.<br \/>\n\u00a0<\/p>\n<p class=\"rtecenter\"><a href=\"https:\/\/www.lpi.org\/blog\/2020\/10\/08\/xen-virtualization-and-cloud-computing-02-how-xen-does-job\" target=\"_self\" rel=\"noopener\">Read the previous post<\/a> | <a href=\"https:\/\/www.lpi.org\/blog\/2020\/10\/22\/xen-virtualization-and-cloud-computing-04-containers-openstack-and-other-related\" target=\"_self\" rel=\"noopener\">Read the next post<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The previous articles in this series introduced virtualization and showed how Xen is designed to provide it efficiently. Here we\u2019ll delve into some interesting features and their importance. A larger list can be found at the appropriate project page on &#8230; <a href=\"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/\" class=\"button-link\">Read more<\/a><\/p>\n","protected":false},"author":40,"featured_media":6987,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"country":[],"language":[304],"ppma_author":[521],"class_list":["post-6986","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","language-english"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Xen Virtualization and Cloud Computing #03: Key Features of Xen - Linux Professional Institute (LPI)<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/\" \/>\n<meta property=\"og:locale\" content=\"vi_VN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Xen Virtualization and Cloud Computing #03: Key Features of Xen\" \/>\n<meta property=\"og:description\" content=\"The previous articles in this series introduced virtualization and showed how Xen is designed to provide it efficiently. Here we\u2019ll delve into some interesting features and their importance. A larger list can be found at the appropriate project page on ... Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/\" \/>\n<meta property=\"og:site_name\" content=\"Linux Professional Institute (LPI)\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/LPIConnect\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-15T14:50:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-10T08:27:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/article-xen-virtualization-3-key-features-of-xen_0.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1440\" \/>\n\t<meta property=\"og:image:height\" content=\"994\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Mohsen Mostafa Jokar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@lpiconnect\" \/>\n<meta name=\"twitter:site\" content=\"@lpiconnect\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mohsen Mostafa Jokar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/\"},\"author\":{\"name\":\"Mohsen Mostafa Jokar\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#\\\/schema\\\/person\\\/20f839905ea7659b77af19d6b53f468d\"},\"headline\":\"Xen Virtualization and Cloud Computing #03: Key Features of Xen\",\"datePublished\":\"2020-10-15T14:50:52+00:00\",\"dateModified\":\"2023-05-10T08:27:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/\"},\"wordCount\":1933,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/article-xen-virtualization-3-key-features-of-xen_0.jpg\",\"inLanguage\":\"vi-VN\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/\",\"url\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/\",\"name\":\"Xen Virtualization and Cloud Computing #03: Key Features of Xen - Linux Professional Institute (LPI)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/article-xen-virtualization-3-key-features-of-xen_0.jpg\",\"datePublished\":\"2020-10-15T14:50:52+00:00\",\"dateModified\":\"2023-05-10T08:27:51+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#breadcrumb\"},\"inLanguage\":\"vi-VN\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"vi-VN\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/article-xen-virtualization-3-key-features-of-xen_0.jpg\",\"contentUrl\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/article-xen-virtualization-3-key-features-of-xen_0.jpg\",\"width\":1440,\"height\":994},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/blog\\\/2020\\\/10\\\/15\\\/xen-virtualization-and-cloud-computing-03-key-features-xen\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Xen Virtualization and Cloud Computing #03: Key Features of Xen\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#website\",\"url\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/\",\"name\":\"Linux Professional Institute (LPI)\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"vi-VN\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#organization\",\"name\":\"Linux Professional Institute (LPI)\",\"url\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"vi-VN\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/logo.png\",\"contentUrl\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/logo.png\",\"width\":496,\"height\":175,\"caption\":\"Linux Professional Institute (LPI)\"},\"image\":{\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/LPIConnect\",\"https:\\\/\\\/x.com\\\/lpiconnect\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/35136\",\"https:\\\/\\\/www.instagram.com\\\/lpi_org\\\/\",\"https:\\\/\\\/fosstodon.org\\\/@LPI\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/vi\\\/#\\\/schema\\\/person\\\/20f839905ea7659b77af19d6b53f468d\",\"name\":\"Mohsen Mostafa Jokar\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"vi-VN\",\"@id\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/picture-1145-1601557672-96x96.png66ae01b5d1fa9f703ffe70a5c6b66d28\",\"url\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/picture-1145-1601557672-96x96.png\",\"contentUrl\":\"https:\\\/\\\/www.lpi.org\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/picture-1145-1601557672-96x96.png\",\"caption\":\"Mohsen Mostafa Jokar\"},\"description\":\"Mohsen Mostafa Jokar is a Linux administrator and a virtualization engineer. His interest in virtualization goes back to school days, when he saw Microsoft Virtual PC for the first time. He installed it on a PC with 256 MB of RAM and used it for Virtualize Windows 98 and DOS. After that, Mohsen became interested in virtualization and got acquainted with more products. Along with virtualization, Mohsen became acquainted with GNU\\\/Linux. He installed LindowsOS as his first Linux distro, later becoming familiar with Fedora Core, Knoppix, RedHat, and other distributions. Using Linux OS, he got acquainted with bochs, but found it too slow, and after some research discovered Qemu. Qemu was faster than bochs, and installing the KQEMU module allowed him to do virtualization even faster. After Qemu, Mohsen got acquainted with Innotek VirtualBox and chose it as his main virtualization application. Innotek VirtualBox had a good GUI and was easy to use. Ultimately, Mohsen got acquainted with Xen, which he loves because it is strong, stable, and reliable. He has written a book about Xen with the name \\\"Hello Xen Project\\\" and made it available on the Xen wiki. He made it free in order to help make Xen more friendly and encourage beginners to use it as their first virtualization platform. He considers himself a \\\"Xen Soldier\\\". \\\"\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Xen Virtualization and Cloud Computing #03: Key Features of Xen - Linux Professional Institute (LPI)","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/","og_locale":"vi_VN","og_type":"article","og_title":"Xen Virtualization and Cloud Computing #03: Key Features of Xen","og_description":"The previous articles in this series introduced virtualization and showed how Xen is designed to provide it efficiently. Here we\u2019ll delve into some interesting features and their importance. A larger list can be found at the appropriate project page on ... Read more","og_url":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/","og_site_name":"Linux Professional Institute (LPI)","article_publisher":"https:\/\/www.facebook.com\/LPIConnect","article_published_time":"2020-10-15T14:50:52+00:00","article_modified_time":"2023-05-10T08:27:51+00:00","og_image":[{"width":1440,"height":994,"url":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/article-xen-virtualization-3-key-features-of-xen_0.jpg","type":"image\/jpeg"}],"author":"Mohsen Mostafa Jokar","twitter_card":"summary_large_image","twitter_creator":"@lpiconnect","twitter_site":"@lpiconnect","twitter_misc":{"Written by":"Mohsen Mostafa Jokar","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#article","isPartOf":{"@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/"},"author":{"name":"Mohsen Mostafa Jokar","@id":"https:\/\/www.lpi.org\/vi\/#\/schema\/person\/20f839905ea7659b77af19d6b53f468d"},"headline":"Xen Virtualization and Cloud Computing #03: Key Features of Xen","datePublished":"2020-10-15T14:50:52+00:00","dateModified":"2023-05-10T08:27:51+00:00","mainEntityOfPage":{"@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/"},"wordCount":1933,"commentCount":1,"publisher":{"@id":"https:\/\/www.lpi.org\/vi\/#organization"},"image":{"@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#primaryimage"},"thumbnailUrl":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/article-xen-virtualization-3-key-features-of-xen_0.jpg","inLanguage":"vi-VN","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/","url":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/","name":"Xen Virtualization and Cloud Computing #03: Key Features of Xen - Linux Professional Institute (LPI)","isPartOf":{"@id":"https:\/\/www.lpi.org\/vi\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#primaryimage"},"image":{"@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#primaryimage"},"thumbnailUrl":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/article-xen-virtualization-3-key-features-of-xen_0.jpg","datePublished":"2020-10-15T14:50:52+00:00","dateModified":"2023-05-10T08:27:51+00:00","breadcrumb":{"@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#breadcrumb"},"inLanguage":"vi-VN","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/"]}]},{"@type":"ImageObject","inLanguage":"vi-VN","@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#primaryimage","url":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/article-xen-virtualization-3-key-features-of-xen_0.jpg","contentUrl":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/article-xen-virtualization-3-key-features-of-xen_0.jpg","width":1440,"height":994},{"@type":"BreadcrumbList","@id":"https:\/\/www.lpi.org\/vi\/blog\/2020\/10\/15\/xen-virtualization-and-cloud-computing-03-key-features-xen\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.lpi.org\/vi\/"},{"@type":"ListItem","position":2,"name":"Xen Virtualization and Cloud Computing #03: Key Features of Xen"}]},{"@type":"WebSite","@id":"https:\/\/www.lpi.org\/vi\/#website","url":"https:\/\/www.lpi.org\/vi\/","name":"Linux Professional Institute (LPI)","description":"","publisher":{"@id":"https:\/\/www.lpi.org\/vi\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.lpi.org\/vi\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"vi-VN"},{"@type":"Organization","@id":"https:\/\/www.lpi.org\/vi\/#organization","name":"Linux Professional Institute (LPI)","url":"https:\/\/www.lpi.org\/vi\/","logo":{"@type":"ImageObject","inLanguage":"vi-VN","@id":"https:\/\/www.lpi.org\/vi\/#\/schema\/logo\/image\/","url":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/04\/logo.png","contentUrl":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/04\/logo.png","width":496,"height":175,"caption":"Linux Professional Institute (LPI)"},"image":{"@id":"https:\/\/www.lpi.org\/vi\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/LPIConnect","https:\/\/x.com\/lpiconnect","https:\/\/www.linkedin.com\/company\/35136","https:\/\/www.instagram.com\/lpi_org\/","https:\/\/fosstodon.org\/@LPI"]},{"@type":"Person","@id":"https:\/\/www.lpi.org\/vi\/#\/schema\/person\/20f839905ea7659b77af19d6b53f468d","name":"Mohsen Mostafa Jokar","image":{"@type":"ImageObject","inLanguage":"vi-VN","@id":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/picture-1145-1601557672-96x96.png66ae01b5d1fa9f703ffe70a5c6b66d28","url":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/picture-1145-1601557672-96x96.png","contentUrl":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/picture-1145-1601557672-96x96.png","caption":"Mohsen Mostafa Jokar"},"description":"Mohsen Mostafa Jokar is a Linux administrator and a virtualization engineer. His interest in virtualization goes back to school days, when he saw Microsoft Virtual PC for the first time. He installed it on a PC with 256 MB of RAM and used it for Virtualize Windows 98 and DOS. After that, Mohsen became interested in virtualization and got acquainted with more products. Along with virtualization, Mohsen became acquainted with GNU\/Linux. He installed LindowsOS as his first Linux distro, later becoming familiar with Fedora Core, Knoppix, RedHat, and other distributions. Using Linux OS, he got acquainted with bochs, but found it too slow, and after some research discovered Qemu. Qemu was faster than bochs, and installing the KQEMU module allowed him to do virtualization even faster. After Qemu, Mohsen got acquainted with Innotek VirtualBox and chose it as his main virtualization application. Innotek VirtualBox had a good GUI and was easy to use. Ultimately, Mohsen got acquainted with Xen, which he loves because it is strong, stable, and reliable. He has written a book about Xen with the name \"Hello Xen Project\" and made it available on the Xen wiki. He made it free in order to help make Xen more friendly and encourage beginners to use it as their first virtualization platform. He considers himself a \"Xen Soldier\". \""}]}},"views":1597,"authors":[{"term_id":521,"user_id":40,"is_guest":0,"slug":"mmjokarexample-com","display_name":"Mohsen Mostafa Jokar","avatar_url":"https:\/\/www.lpi.org\/wp-content\/uploads\/2023\/05\/picture-1145-1601557672-96x96.png","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/posts\/6986","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/comments?post=6986"}],"version-history":[{"count":2,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/posts\/6986\/revisions"}],"predecessor-version":[{"id":11201,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/posts\/6986\/revisions\/11201"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/media\/6987"}],"wp:attachment":[{"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/media?parent=6986"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/categories?post=6986"},{"taxonomy":"country","embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/country?post=6986"},{"taxonomy":"language","embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/language?post=6986"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.lpi.org\/vi\/wp-json\/wp\/v2\/ppma_author?post=6986"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}