Dom0 Disaggregation

From Xen
Jump to: navigation, search

Dom0 Dissaggregation

The Dom0 or control domain has traditionally been a monolithic privileged virtual machine. However, the original intention was for Dom0 to be carefully broken into several privileged service domains - termed Dom0 disaggregation. Qubes OS, Citrix XenClient, and Xoar have made the case for more disaggregation of Dom0 for purposes of better security, reliablity, isolation, and auditability.

Xoar architecture.jpg

In Practice

"Although domain 0 disaggregation is not new it is seldom used in practise and much of its use is focussed on providing enhanced security. Citrix XenServer will be moving towards a disaggregated domain 0 in order to provide better security, scalability, performance, reliability, supportability and flexibility."

Project “Windsor”: Domain 0 Disaggregation for XenServerXCP:


Personal tools