XenServer, Hyper-V, and ESXi - Architecture, API, and Coding

02/29/12

XenServer, Hyper-V, and ESXi - Architecture, API, and Coding

Agenda:

Humair [email protected]

All code available on GitHub and Personal Website:

https://github.com/HumairAhmedhttp://www.humairahmed.com/#Downloads

0. Quick hypervisor/market comparison1. Architecture/Installation Comparison – XenServer, Hyper-V, and ESXi2. API Comparison – XenServer, Hyper-V, and ESXi3. Review code and demo programs I wrote - XenServer, Hyper-V, and ESXi

1

0. Quick hypervisor/market comparison

02/29/12

XenServer, Hyper-V and ESXi - Architecture, API, and Coding

2

02/29/12


Gartner 2008 Analysis:http://virtualization.info/en/news/2008/10/gartner-updates-market-share-reports.html

3

1. Architecture/Installation Comparison – XenServer, Hyper-V, and ESXi

02/29/12


4

My Hyper-V Setup:

02/29/12

Hardware

Windows Server 2008 R2

Drivers


Full Installation of Windows Server 2008 R2

Enable the Hyper-V RoleIn Server Manager

2 nics on server connected to switch on private local area network

5

My Hyper-V Setup:

02/29/12 6

My Hyper-V Setup:

02/29/12

You can access Hyper-V Manager separately or from Server Manager:

7

Hardware

Is Hyper-V a True Type 1 Hypervisor?

02/29/12


Drivers

Hardware

Don 0 - Windows Server 2008 R2

Drivers

Virtual Machine

Hypervisor

Windows Server 2008 R2 Windows Server 2008 R2with Hyper-V installed

Install Hyper-VServer reboots a few times

8

Is Hyper-V a True Type 1 Hypervisor?

02/29/12

The hypervisor is installed below the Windows Server 2008 R2 Installation. The parent partition (Windows Server) is now on Dom 0 and becomes the management platform for the hypervisor and the hardware.

This is not the same as running as a process within the OS such asType 2 hypervisors like Fusion or VirtualBox.

There are actually three possible installation types for Hyper-V:

1. Server Core2. Full Installation3. Hyper-V server 2008 R2 (Free Version)

9

My XenServer Setup:

02/29/12

XenServer

Embedded Linux on Dom 0

2 nics on server connected to switch on private local area network

Hardware

Dom 0 - Linux

Drivers

Virtual Machine

Hypervisor

10

My XenServer Setup:

02/29/12

-The software layer hypervisor boots first. Runs in 64-bit mode.

-Next, the control domain boots, which is a 32-bit Linux-based embedded distribution.

-The control domain is a normal XenServer VM that has additional privileges granted to it which allows it to control host hardware devices and also create further guest domains.

-The XAPI management stack runs inside the control domain and manages all resources required for running guest domains.

It consists of a distributed database and control software which listens on the administration interface for XenAPI clients that issue control instructions.

Graphic Source: Citrix XenServer Website 11

My XenServer Setup:

02/29/12

Accessing the XenServer Pool via XenCenter:

12

My ESXi Setup:

02/29/12

Notice – no Dom 0 VM!!!!

2 nics on server connected to switch on private local area networkHypervisor

Hardware

Drivers

Virtual Machine

ESXi

Virtual Machine

13

My ESXi Setup:

02/29/12

Connecting to ESXi via vSphere Client:

14

Compare Hyper-V to XenServer

02/29/12

Hardware

Dom 0 - Windows Server 2008 R2

Drivers

Virtual Machine

Hypervisor

Look familiar?XenServer Hyper-V

Hardware

Dom 0 - Linux

Drivers

Virtual Machine

Hypervisor

15

Hypervisor

Compare XenServer to ESXi

02/29/12

Hardware

Dom 0 - Windows Server 2008 R2

Drivers

Virtual Machine

Hypervisor

Windows Server 2008 R2with Hyper-V installed

Hardware

Drivers

Virtual Machine

ESXi

Virtual Machine

16

Hypervisor

Compare Hyper-V to ESXi

02/29/12

Hardware

Drivers

Virtual Machine

ESXi

Virtual Machine

XenServer

Hardware

Dom 0 - Linux

Drivers

Virtual Machine

Hypervisor

17

Compare Hyper-V to ESXi to XenServer

02/29/12Graphic Source: VMware Website

Our competition negatively portrays VMware ESX Server as a “monolithic” hypervisor, but our experience and testing proves it to be the best design. -- Vmware Website

18

02/29/12

XenServer Networking

Graphic Source: Citrix XenServer Website

By default, VM network packets are bridged (default) at the Ethernet layer over the host NIC assigned to the virtual network interface in the VM. The bridge is similarto an Ethernet switch, ensuring traffic from VMs are isolated from each other at Layer 2.

Traffic can be isolated by using VLANs, which will tag the Ethernet traffic separately but still go over the same physical NIC on the host.

19

02/29/12


Graphic Source: http://cooker.techsnail.com/index.php/Virtualization-XEN

-The physical interface (usually eth0) on the physical host / Dom-0 is renamed to "peth0". “peth0” becomes the "uplink" of the Xen server to the physical switch. “peth0” is connected to the virtual bridge created by Xen.

-Virtual Network Interfaces (ex: vif0.0) are created in Dom-0 and act as network ports for the bridges and are connected to the virtual network interfaces (eth0) of each virtual machine.

20

02/29/12


21

02/29/12

Hyper-V Networking

Graphic Source: http://blogs.technet.com/b/tnmag/archive/2009/01/15/automating-virtual-machine-host-deployment.aspx22

02/29/12

Hyper-V Networking

Graphic Source: http://social.technet.microsoft.com/wiki/contents/articles/151.hyper-v-virtual-networking-survival-guide.aspx

-Similar to XenServer

-To create an external network in Hyper-V, a virtual network switch is created and bound to the selected physical adapter.

- A new virtual network adapter is created in the parent partition which is then connected to the virtual network switch. Virtual machines / child partitions can be bound to the virtual network switch by using virtual network adapters.

23

02/29/12

Hyper-V Networking

24

02/29/12

ESXi Networking

Graphic Source (Graphic 1): http://www.networkworld.com/community/node/24158

-Physical adapters are uplinks in vSwitches-Virtual adapters are connected to the vSwitches-Each port on a vSwitch is assigned to a port group-Each vNIC connects to a port within a port group on the vSwitch

25

02/29/12


2. API Comparison – XenServer, Hyper-V, and ESXi

26

02/29/12

XenServer, Hyper-V, and ESXi API Architecture

Graphic Source: Citrix XenServer Website 27

02/29/12

XenServer API

-The XAPI stack is written in Objective Caml (or Ocaml - a high-level, statically type-safe language).

Supposedly, this is to help prevent low-level memory corruption issues such as buffer overflows or integer overflows which could be used in malicious attacks over the administration network.

-The XAPI stack listens on port 80 (plain-text) and port 443 (SSL encrypted) for XenAPI requests.

-XenCenter uses the SSL port which ensure that traffic from the host is Encrypted. XenAPI clients may or may not use SSL.

28

02/29/12

XenServer API

-XenServer includes a XML-RPC based API.

XML-RPC is a web service approach used so PCs can call procedures on other PCs. Extensible Markup Language (XML) provides a vocabulary for describing Remote Procedure Calls (RPC), which are transmitted between computers using the HyperText Transfer Protocol (HTTP).

-The XenServer API can be called from a remote system or locally from the XenServer host.

-Remote calls are generally made securely over HTTPS, using port 443. RPC involves libraries on both sides of the connection creating and processing messages.

-There are five SDKs available, one for each of C, C#, Java, PowerShell, and Python.

29

02/29/12

XenServer API

1. The client makes a procedure call using XML-RPC. The call specifies a method name, parameters, and a target server.

2. The client packages the method name and parameters as XML and issues an HTTP POST request containing the request information to the target server.

3. An HTTP server receives the POST request and passes the XML content to an XML-RPC listener which parses the XML to get the method name and parameters and then calls the appropriate method, passing it the parameters.

4. The method on the server returns a response to the XML-RPC process and the

XML-RPC process packages the response as XML.

5.The web server returns the XML as the response to the HTTP POST request.

6. The client parses the XML and extracts the return value which is then passed as

the return value back to the client program and the client program continues processing with the return value.

HTTP is used which means that XML-RPC requests must be both synchronous and stateless.

30

XML-RPC Request Response Process

02/29/12

Hyper-V API

-There are two methods you can use to interact with Hyper-V:

1.Using Hyper-V’s Windows Management Instrumentation.

Microsoft also provides a command line interface to WMI called Windows Management Instrumentation Command-line (WMIC).

2. PowerShell Management Library for Hyper –V (Not officially supported by Microsoft)

** Note there are other language bindings available

31

02/29/12

Hyper-V API

-Windows Management Instrumentation is the standard API for Windows. It is built-in into the core Windows OS. WMI allows scripting languages like VBScript or Windows PowerShell to manage Windows PCs/servers

-PowerShell for Hyper-V is basically an extensive set of WMI interfaces: Around 108 or more classed prefixed with Msvm_

-There is a PowerShell module for Hyper-V that you can install on the client (http://pshyperv.codeplex.com/):

32

02/29/12

Hyper-V APIHyper-V WMI Classes:

33

02/29/12

Hyper-V API

34

-To use the Powershell API you must have a Remote Desktop Connection (RDC) with the Hyper-V machine.

-Install the PowerShell Module for Hyper-V

set-executionpolicy unrestricted

To run scripts on the system you must:

1. Either digitally sign the script or2. The easier method, but less secure, change your signing policy

- “set-executionpolicy unrestricted” in PowerShell

02/29/12

vSphere API

The vSphere API is exposed as a Web service which runs on VMware vSphere ESXi/vCenter. The API provides access to the vSphere management components.

The vSphere Web Services SDK provides interface/classes to interact with the vSphere system.

VI API Hypervisor

Hardware

HOSTD

SOAP/REST

VM Management

Tool

35

02/29/12

vSphere API

-Used VI Java API for prior project with vSphere ESXi:

36

VI Java API is a set of Java libraries that sits on top of existing vSphere SDK Web Services interfaces. It provides a full managed object model and run-time type checking, resulting in a dramatic productivity boost.

Web Service Engine + VIM Stubs

VI Java APIs

Application Application

----- HTTP/HTTPS

ESX / VirtualCenter Server

Java Runtime (JRE)

VI API Object Model

Add problem statement

02/29/12 37

02/29/12

3. Review code and demo programs I wrote - XenServer, Hyper-V, and ESXi


38

Citrix XenServer Source Code

02/29/12 39

• Used Tkinter library to develop GUI for easily managing XenServers• Also used the Pmw megawidgets library (which itself uses Tkinter as a base)

You will very quickly find there is little to no well written documentation on the Tkinter Python library. The Pmw megawidgets library has even less documentation.

However, there is ONE book which may help some:

"All in all, I think it's well worth the price, considering it's the only Tkinter book out there."--Jeff Blaine


02/29/12 40

• Used Python Binding to XML-RPC based API for managing, monitoring, and

performing operations on virtual machines.

You will very quickly find there that documentation for the Python binding is extremely lacking. If my life depended on it, I would not have used Python.

The Java binding has a nice JavaDoc which is extremely helpful and was even helpful developing in Python, although some classes were either not implemented or named very differently .

• JavaDoc, XenServer Management API Guide, XenServer Software Development Kit Guide, and experimenting are you best bet!


02/29/12 41


02/29/12 42

-Allows user to connect to a pool of XenServers via a GUI application

-In-case of emergency, user can logon to the slave host of the pool

-User can filter VMs in the pool by host

-User can perform some administrative functions like restart VM, suspend VM, resume VM, etc.

-User can take snap shots of VM

*******************Advanced Monitoring Feature************************ User can set advanced network monitoring on multiple VMs at the same time. If network monitoring detects a loss of network connectivity for a VM, a snapshot of that VM is automatically taken. *****************************************************************************


02/29/12 43


02/29/12 44


02/29/12 45


-The goal was to create a monitoring station that would ping each VM every few seconds. I decided to send two consecutive pings to each selected VM around every 5 seconds. If any two consecutive pings are missed, the management station should assume the VM has a network outage and immediately take a snapshot of the VM.


02/29/12 46


-The following classes were created :

* VMNetMonitor – Every ManagedVM has a VMNetMonitor object attribute

* Pinger – Every VMNetMonitor has a Pinger object attribute

* ping – Open source ICMP ping implementation that needs to be modified

to fit requirements. Every Pinger has a ping object attribute


02/29/12 47

-There is an open source Python-Ping implementation available - just search “Python-Ping” on GitHub.

-The problem was - to monitor, multiple VM’s at the same time, I had to make some changes not only so it would meet my requirements but also to make it thread-safe so I could use multiple threads to monitor multiple VMs at the same time!


What happens when you try to shutdown a guest that does nothave XenServer Tools installed?

02/29/12 48

* You must install XenServer Tools to be able to perform much of the Operations on Guest VMs

Checkout Full Source Code at:

http://humairahmed.com/#Downloads orhttps://github.com/HumairAhmed

Hyper-V Source Code

02/29/12 49

WMI MSVM_ComputerSystem object:

Represents a physical computer system or virtual computer system (VM)

PowerShell Module Equivalent = Get-Vm:

Returns WMI objects representing Hyper-V Virtual Machines

Hyper-V Source Code

02/29/12 50

Hyper-V Source Code

02/29/12 51



VMware ESXi Source Code

02/29/12 52

Used the Java Swing library for the UI to programmatically and easily manage ESXi via a GUI.

Used VI Java SDK API to manage the server; create, delete, start, stop, and monitor virtual machines; and import/export OVF.

• There is a managed object type called ManagedObject in the VI Java API and it captures all common properties and behaviors of all managed objects.

• Two classes used extensively for this project are both subclasses of the very important ManagedEntity class which is the immediate super-class for all other types in the inventory tree:

– HostSystem (Used for the Server level)

– VirtualMachine (Used for the VM level)

02/29/12 53


• Additional important classes:– ServiceInstance – first managed object seen in a typical application flow.

Used to connect and authenticate with the ESXi server

– ServerConnection – represents a connection to the server under a specific login user.

– InventoryNavigator – class used for helping to find managed entities inside the inventory

InventoryNavigator Example:

mes = new InventoryNavigator(rootFolder).searchManagedEntities("VirtualMachine");

mesHost = new InventoryNavigator(rootFolder).searchManagedEntities("HostSystem");

02/29/12 54



02/29/12 55


02/29/12 56



Questions

02/29/12 57

XenServer, Hyper-V, and ESXi - Architecture, API, and Coding

Technology

Transcript of XenServer, Hyper-V, and ESXi - Architecture, API, and Coding