Fengfeng Ning,Chuliang Weng,Yuan Luo

DOI: https://doi.org/10.1109/BigData.2013.6691700

2013-01-01

Abstract:With the development and popularization of cloud computing, more and more services and applications are migrated to cloud for the sake of low cost, high availability and excellent performance. As the foundation of cloud computing, virtualization technology integrates and reallocates the computing capability, storage and network resource fairly among virtual machines and provides a full-featured, isolated and reliable hardware environment for various operating systems. Owe to the virtualization technology, computing capability of virtual machines has achieved fantastic performance, some even achieve near native speed. However, low I/O performance is still a bottleneck, especially in I/O intensive applications. The leading causes include redundant data copy and frequent VM exits. Focusing on network I/O optimization, we design and implement virtsocket, a new network socket library in virtualization scenario which utilizes shared memory for data transmission. A ring buffer data structure stores I/O requests of virtual machine which is triggered to issue all requests with only one hypercall according to scheduler. Data referred in the I/O requests is read directly from virtual machine memory by host machine kernel module with interfaces provided by modified hypervisor. Experimental results show that throughput is improved by hundreds of times when compared with original virtualization scenario, and the latency also achieves a remarkable reduction. Both throughput and latency performance exceed existing para-virtualization solutions.

Kashyap Thimmaraju,Saad Hermak,Gábor Rétvári,Stefan Schmid

2024-03-04

Abstract:Multi-tenant cloud computing provides great benefits in terms of resource sharing, elastic pricing, and scalability, however, it also changes the security landscape and introduces the need for strong isolation between the tenants, also inside the network. This paper is motivated by the observation that while multi-tenancy is widely used in cloud computing, the virtual switch designs currently used for network virtualization lack sufficient support for tenant isolation. Hence, we present, implement, and evaluate a virtual switch architecture, MTS, which brings secure design best-practice to the context of multi-tenant virtual networking: compartmentalization of virtual switches, least-privilege execution, complete mediation of all network communication, and reducing the trusted computing base shared between tenants. We build MTS from commodity components, providing an incrementally deployable and inexpensive upgrade path to cloud operators. Our extensive experiments, extending to both micro-benchmarks and cloud applications, show that, depending on the way it is deployed, MTS may produce 1.5-2x the throughput compared to state-of-the-art, with similar or better latency and modest resource overhead (1 extra CPU). MTS is available as open source software.

Cryptography and Security,Networking and Internet Architecture

Xing Li,Xiaochong Jiang,Ye Yang,Lilong Chen,Tianyu Xu,Chao Xu,Longbiao Xiao,Fengmin Shi,Yi Wang,Taotao Wu,Yilong Lv,Hangfeng Gao,Zikang Chen,Yisong Qiao,Hongwei Ding,Yijian Dong,Chengkun Wei,Zihui Zhang,Shunmin Zhu,Wenzhi Chen

DOI: https://doi.org/10.1145/3603269.3610849

2023-01-01

Abstract:The vSwitch, as a critical component for Virtual Machine (VM) network connectivity in cloud environments, has prompted increasing attention towards its forwarding performance. While software optimization schemes have limitations in meeting the expanding network capacity demands [11, 12, 15, 17, 18], hardware offloading architectures leveraging SoC, FPGA, and ASIC have been proposed to transfer the match-action workload [1, 3, 6, 7, 13, 16], addressing the growing need for network capacity.

Kejiang Ye,Xiaohong Jiang,Deshi Ye,Dawei Huang

DOI: https://doi.org/10.1109/hpcc.2010.95

2010-01-01

Abstract:Virtualization brings many benefits such as improving system utilization and reducing cost through server consolidation. However, it also introduces isolation problem when running multiple virtual machine workloads in one physical platform. Additionally, with the advent of multi-core technology, more and more cores are built into one die in today's data center that will share and compete for the resource like cache. It's worthy to study the isolation of server consolidation in modern multi-core platform. However, to our knowledge there are few work done on the isolation property especially the fault isolation property when one of the virtual machine workloads is attacked in server consolidation. In this paper, we study the isolation property from performance perspective and provide two optimization methods to improve the isolation property. We first define the isolation property and quantify the performance isolation in consolidation and propose a VM-level optimization method. Then we study the fault isolation by introducing a misbehavior virtual machine in server consolidation scenario and propose a core-level cache-aware optimization method to improve the fault isolation. Experimental results show that our two optimization methods can effectively improve the performance isolation and fault isolation with 29.39% and 19.52% respectively. What's more, Oprofile/Xenoprof toolkits are used to find out the factors affecting isolation property from the hardware events level.

Fan-Fu Zhou,Ru-Hui Ma,Jian Li,Li-Xia Chen,Wei-Dong Qiu,Hai-Bing Guan

DOI: https://doi.org/10.1007/s11390-016-1614-x

2016-01-01

Abstract:The increasing requirements of intensive interoperaterbility among the distributed nodes desiderate the high performance network connections, owing to the substantial growth of cloud computing and datacenters. Network I/O virtualization aggregates the network resource and separates it into manageable parts for particular servers or devices, which provides effective consolidation and elastic management with high agility, flexibility and scalability as well as reduced cost and cabling. However, both network I/O virtualization aggregation and the increasing network speed incur higher traffic density, which generates a heavy system stress for I/O data moving and I/O event processing. Consequently, many researchers have dedicated to enhancing the system performance and alleviating the system overhead for high performance networking virtualization. This paper first elaborates the mainstreaming I/O virtualization methodologies, including device emulation, split-driver model and hardware assisted model. Then, the paper discusses and compares their specific advantages in addition to performance bottlenecks in practical utilities. This paper mainly focuses on the comprehensive survey of stateof-the-art approaches for performance optimizations and improvements as well as the portability management for network I/O virtualization. The approaches include various novel data delivery schemes, overhead mitigations for interrupt processing and adequate resource allocations for dynamic network states. Finally, we highlight the diversity of I/O virtualization besides the performance improvements in network virtualization infrastructure.

Diming Zhang,Hao Wu,Fei Xue,Liangqiang Chen,Hao Huang

DOI: https://doi.org/10.1109/ICPADS.2017.00047

2017-01-01

Abstract:Today extending virtualization technology into high-performance, cluster platforms generates exciting new possibilities, including dynamic allocation of resources to job, easier to share resources between different jobs, easy checkpointing of jobs, and deployment of job-specific work environment. However, there still exists an I/O scalability problem in virtualization layer which may impede virtualization technology to be widely used in high-performance computing. Because we meet a sharp performance degradation when a virtual machine uses the multiqueue high performance non-volatile storage device as the secondary storage. Such a problem is caused by the current virtual block I/O layer which uses only one I/O thread to handle all I/O operations to a virtualized storage device. As the number of I/O intensive workloads increases, the rate of mutex contention of the I/O thread is accelerated because only one of them is allowed to run at any given instant. Therefore, it is the key problem that should be settled immediately so as to improve block I/O performance in virtualization. In this paper, we propose a novel design of high performance block I/O stack to solve this problem. The workloads will be free of the I/O contention inside the hypervisor by using the proposed method which uses multi-threaded I/O threads to handle all I/O operations to one storage device in parallel. Meanwhile, we use switch-less mechanisms to reduce the overhead caused by sending notification between a VM and its hypervisor; and improve I/O affinity by assigning a distinct dedicated core to each I/O thread in order to eliminate unnecessary scheduling. The prototype system is implemented on Linux 3.19 kernel and Quick Emulator (QEMU) 2.3.1. We deploy it to the POWER8 server for a detailed evaluation. The experimental results show that the proposed architecture scales graciously with multi-core environment. For example, test on 10-ways parallel I/O intensive workloads gets an 800\% increase than the single core implementation, indicating that the block I/O performance in a virtual machine is close to that of a bare metal system.

Florian Wiedner,Max Helm,Alexander Daichendt,Jonas Andre,Georg Carle

DOI: https://doi.org/10.1016/j.peva.2024.102442

IF: 2.205

2024-09-01

Performance Evaluation

Abstract:Packet processing in current network scenarios faces complex challenges due to the increasing prevalence of requirements such as low latency, high reliability, and resource sharing. Virtualization is a potential solution to mitigate these challenges by enabling resource sharing and on-demand provisioning; however, ensuring high reliability and ultra-low latency remains a key challenge. Since bare-metal systems are often impractical because of high cost and space usage, and the overhead of virtual machines (VMs) is substantial, we evaluate the utilization of containers as a potential lightweight solution for low-latency packet processing. Herein, we discuss the benefits and drawbacks and encourage container environments in low-latency packet processing when the degree of isolation of customer data is adequate and bare metal systems are unaffordable. Our results demonstrate that containers exhibit similar latency performance with more predictable tail-latency behavior than bare metal packet processing. Moreover, deciding which mainboard architecture to use, especially the cache division, is equally vital as containers are prone to higher latencies on more shared caches between cores especially when other optimizations cannot be used. We show that this has a higher impact on latencies within containers than on bare metal or VMs, resulting in the selection of hardware architectures following optimizations as a critical challenge. Furthermore, the results reveal that the virtualization overhead does not impact tail latencies.

computer science, theory & methods, hardware & architecture

Kun Cheng,Yuebin Bai,Yongwang Zhao,Yao Ma,Duo Lu,Yuanfeng Peng,Minxuan Zhou

DOI: https://doi.org/10.1016/j.jss.2015.12.002

IF: 3.5

2016-01-01

Journal of Systems and Software

Abstract:Despite the rapid development and the wide use, virtualization confronts new challenges on improving network I/O performance. For virtual machines co-existed on a server, inter-VM network performance turns out to be worse than expected. Although many efforts have been dedicated to that issue on paravirtualized (PV) machines, HVMs (Hardware Virtual Machines) get less attention. However, co-resident HVMs are also suffering from low network I/O performance which troubles IaaS cloud infrastructure providers. Such problem is prominent as in the front-back network model several performance bottlenecks appear when inter-VM traffic is being handled.In this paper, we propose a novel approach and implement a prototype called "(HVM)-M-2" to optimize inter-HVM network performance, which mainly address the throughput issues. (HVM)-M-2 takes advantages of the existing mechanisms for HVMs provided by Xen and is totally hardware independent. Unlike the existing idea, (HVM)-M-2 pushes data to the receivers without using shared memory buffer to transfer the pending network data. To evaluate our work, we test and compare network response time, network throughput and CPU utilization with other popular approaches such as SR-IOV. The result shows that the new communication model has great improvements in network delay and throughput with little pressure on Domain-0. (c) 2015 Elsevier Inc. All rights reserved.

Ziyong Li,Yuxiang Hu,Jiangxing Wu,Le Tian,Tao Hu,Zehua Guo

DOI: https://doi.org/10.1109/mnet.126.2200295

IF: 10.294

2024-01-01

IEEE Network

Abstract:Network virtualization allows multiple logical networks to coexist on the same physical infrastructure. However, existing virtualization techniques do not work well for data plane. Software-based virtualization techniques suffer from poor performance due to high virtualization overhead while hardware-based virtualization techniques are not flexible due to limited programmability. In this paper, we present Virtualizing Programmable Data Plane (VirtPDP), an architecture to achieve scalability, flexibility, and isolation simultaneously. Specifically, VirtPDP proposes a parallel pipeline structure by extending programmable data plane to parallelly execute multiple virtual networks on a programmable switch. With VirtPDP, each virtual network runs independently to guarantee performance isolation. Additionally, VirtPDP uses a multi-controller control plane structure to independently manage virtual networks on the programmable switch. We implement the VirtPDP prototype both on BMv2 target and Tofino target. The experimental results show that compared to existing work, VirtPDP not only realizes parallel operation of multiple virtual networks with low performance loss, but also provides better flexibility and scalability. Meanwhile, Tofino-based VirtPDP performs much better than DPDK-based NativeP4 while realizing the coexistence of multiple virtual networks.

Zhifeng Zhao,Feng Hong,Rongpeng Li

DOI: https://doi.org/10.1109/ACCESS.2017.2762362

IF: 3.9

2017-01-01

IEEE Access

Abstract:Nowadays, cloud computing networks significantly benefit the deployment of new services and have become one infrastructure provider in the digital society. The virtual extensible local area network (VxLAN), which belongs to the network schemes to overlay Layer 2 over Layer 3, is one of the most popular methods to realize cloud computing networks. Though VxLAN partially overcomes the capacity limitation of its predecessor virtual local area network, it still faces several challenges like annoying signaling overhead during the multicast period and interrupted communication with a migrating virtual machine (VM). In this paper, we propose a new software defined network (SDN) based VxLAN network architecture. Based on this architecture, we address how we can deploy an intelligent center to enhance the multicast capability and facilitate the VM migration. Besides, we discuss the means to update the global information and guarantee the communication continuum. Finally, we use Mininet to emulate this SDN based VxLAN architecture and demonstrate effective load balancing results. In a word, this proposed architecture could provide a blueprint for future cloud computing networks.

WL Zhang,YF Shen,H Song,Zh Zhang,K Liu,Q Huang,MY Chen

2022-01-01

Abstract: TCP/IP network stack is irreplaceable for Web services in datacenter front-end servers, and the demand for which is growing rapidly for emerging high concurrency network service applications (including Internet, Internet of Things, mobile Internet, etc.) especially. The existing network stack schemes often face the dilemma between the data center server resource utilization (i.e., high CPU efficiency) and application service quality (i.e., low tail latency). We break this dilemma via a flexible architectural design QStack, which simultaneously achieves CPU efficiency and low tail latency in user-space network stack for front-end datacenter server. QStack proposes elastic framework and application definable full-datapath priority, such that the network stack collaboration among CPU cores horizontally and coordination across network layers in fine grained vertically on demand. We prototype QStack on commodity servers. Testbed experiments demonstrate the effectiveness of QStack over state-of-the-art user-space network stack designs.

Jian Li,Shuai Xue,Wang Zhang,Ruhui Ma,Zhengwei Qi,Haibing Guan

DOI: https://doi.org/10.1109/tcc.2017.2712686

IF: 5.697

2019-01-01

IEEE Transactions on Cloud Computing

Abstract:High performance networking interface cards (NIC) have become essential networking devices in commercial cloud computing environments. Therefore, efficient and scalable I/O virtualization is one of the primary challenges on virtualized cloud computing platforms. Single Root I/O Virtualization (SR-IOV) is a network interface technology that eliminates the overhead of redundant data copies and the virtual network switches through direct I/O in order to achieve nearly natural I/O performance. However, the SR-IOV still suffers from serious problems due to the high overhead for processing excessive network interrupts as well as the unpredictable and bursty traffic load in high-speed networking connections. In this paper, the defects of SR-IOV with 10 Gigabit Ethernet networking are studied first and two major challenges are identified: excessive interrupt rate and single threaded virtual network driver. Second, two interrupt rate control optimization schemes, called coarse-grained interrupt rate (CGR) control and adaptive interrupt rate (AIR) control are proposed. The proposed control schemes can significantly reduce the overhead and enhance the SR-IOV performance compared with the traditional driver with fixed interrupt throttle rate (FIR). In addition, multi-threaded VF driver (MTVD) is proposed that allows the SR-IOV VFs to leverage multi-core resources in order to achieve high scalability. Finally, these optimizations are implemented and detailed performance evaluations are conducted. The results show that CGR and AIR can improve the throughput by 2.26x and 2.97x while saving the CPU resources by 1.23 core and 1.44 core, respectively. The MTVD can achieve 2.03x performance with additional 1.46 cores consumption for VM using the SR-IOV driver.

Wenli Zhang,Yifan Shen,Hui Song,Zhao Zhang,Ke Liu,Qun Huang,Mingyu Chen

DOI: https://doi.org/10.48550/arXiv.2210.08432

2022-01-01

Abstract:TCP/IP network stack is irreplaceable for Web services in datacenter front-end servers, and the demand for which is growing rapidly for emerging high concurrency network service applications (including Internet, Internet of Things, mobile Internet, etc.) especially. The existing network stack schemes often face the dilemma between the data center server resource utilization (i.e., high CPU efficiency) and application service quality (i.e., low tail latency). We break this dilemma via a flexible architectural design QStack, which simultaneously achieves CPU efficiency and low tail latency in user-space network stack for front-end datacenter server. QStack proposes elastic framework and application definable full-datapath priority, such that the network stack collaboration among CPU cores horizontally and coordination across network layers in fine grained vertically on demand. We prototype QStack on commodity servers. Testbed experiments demonstrate the effectiveness of QStack over state-of-the-art user-space network stack designs.

Zongpu Zhang,Chenbo Xia,Cunming Liang,Jian Li,Chen Yu,Tiwei Bie,Roberts Martin,Daly Dan,Xiao Wang,Yong Liu,Haibing Guan

DOI: https://doi.org/10.1109/tc.2024.3375589

IF: 3.183

2024-01-01

IEEE Transactions on Computers

Abstract:I/O virtualization is utilized by cloud platforms to provide tenants with efficient, scalable, and manageable network and storage services. The de-facto industrial standard, paravirtualization, offers rich cloud functionality by introducing split front-end and back-end drivers in the guest and host operating systems, respectively. Given this fact, paravirtualization incurs host inefficiency and performance overhead. Thus, emerging hardware virtio accelerators (i.e., SRIOV-capable devices that conform to virtio specification) with device passthrough technologies mitigate the performance issue. However, adopting these devices presents the challenge of insufficient support for live migration.This paper proposes Un-IOV, a novel I/O virtualization system that simultaneously achieves bare-metal level I/O performance and migratability. The key idea is to develop a new hybrid virtualization stack with: (1) a host-bypassed direct data path for virtio accelerators, and (2) a relayed control path guaranteeing seamless live migration support. Un-IOV achieves high scalability by consuming minimum host resources. Extensive experiment results demonstrate that Un-IOV achieves superior network and storage virtualization performance than software implementations with comparable performance of direct passthrough I/O virtualization, while imposing zero guest modification (i.e., guest transparency).

Dingji Li,Zeyu Mi,Chenhui Ji,Yifan Tan,Binyu Zang,Haibing Guan,Haibo Chen

2023-01-01

Abstract:Existing confidential VMs (CVMs) experience notable network performance overhead compared to traditional VMs. We present the first thorough performance analysis of various network-intensive applications in CVMs and find that the CVM-IO tax, which mainly comprises the bounce buffer mechanism and the packet processing in CVMs, has a significant impact on network I/O performance. Specifically, the CVM-IO tax squeezes out virtual CPU (vCPU) resources of performance-critical application workloads and may occupy more than 50% of CPU cycles. To minimize the CVM-IO tax, this paper proposes Bifrost, a novel para-virtualized I/O design that 1) eliminates the I/O payload bouncing tax by removing redundant encryption and 2) reduces the packet processing tax via pre-receiver packet reassembly, while still ensuring the same level of security guarantees. We have implemented a Bifrost prototype with only minor modifications to the guest Linux kernel and the userspace network I/O backend. Evaluation results on bothAMD and Intel servers demonstrate that Bifrost significantly improves the performance of I/O-intensive applications in CVMs, and even outperforms the traditional VM by up to 21.50%.

Huailiang Tan,Lianjun Huang,Zaihong He,Youyou Lu,Xubin He

DOI: https://doi.org/10.1016/j.jnca.2013.05.010

IF: 7.574

2014-01-01

Journal of Network and Computer Applications

Abstract:In a consolidated server system that uses virtualization, accesses to physical network devices from guest virtual machines (DomUs) need to be coordinated. In this environment, virtualized network devices are required to service workloads executing concurrently from multiple DomUs, with potentially diverse network data delivery requirements. Although a number of methods have been developed for I/O performance virtualization among multiple DomUs, previously proposed researches focused either on improving network I/O performance and lowering overhead from hardware and software, or on achieving network I/O fairness by directly applying special physical network interface cards. We argue that it is important to allocate network I/O bandwidth fairly and stably among multiple DomUs based on pure software approaches and not to hinder live migration and portability of virtual machines. This paper proposes Dynamic Mapping of Virtual Link (DMVL) method, which prevents the interference between multiple DomUs by introducing separated Logical Data Path (LDP) and I/O request queue for each DomU. In DMVL, several techniques are employed. Firstly, we provide isolated I/O bandwidth guarantees to each DomU by mapping a separate LDP to I/O device for each DomU and using multi-queue. Then, the adjusted LDP bandwidth quantity is converted into adjusted credit count, and credit transferring and updating methods based on shared logs are introduced to adjust LDPs bandwidth dynamically. Finally, we improve lottery scheduling algorithm based on shared logs to implement adaptive bandwidth adjustment to meet proportional multi-queue scheduling at lower cost. The proposed techniques are implemented on the Xen virtual network, and evaluated with micro-benchmarks and simulated workloads on Linux guest operating systems. Experimental results show that DMVL improves fairness by at least 60% and stability by at least 29% in the cases of three or more virtual DomUs running on the same physical host.

Arsany Basta,Andreas Blenk,Wolfgang Kellerer,Stefan Schmid

DOI: https://doi.org/10.48550/arXiv.1704.08958

2017-04-28

Abstract:Ideally, by enabling multi-tenancy, network virtualization allows to improve resource utilization, while providing performance isolation: although the underlying resources are shared, the virtual network appears as a dedicated network to the tenant. However, providing such an illusion is challenging in practice, and over the last years, many expedient approaches have been proposed to provide performance isolation in virtual networks, by enforcing bandwidth reservations. We in this paper study another source for overheads and unpredictable performance in virtual networks: the hypervisor. The hypervisor is a critical component in multi-tenant environments, but its overhead and influence on performance are hardly understood today. In particular, we focus on OpenFlow-based virtualized Software Defined Networks (vSDNs). Network virtualization is considered a killer application for SDNs: a vSDN allows each tenant to flexibly manage its network from a logically centralized perspective, via a simple API. For the purpose of our study, we developed a new benchmarking tool for OpenFlow control and data planes, enabling high and consistent OpenFlow message rates. Using our tool, we identify and measure controllable and uncontrollable effects on performance and overhead, including the hypervisor technology, the number of tenants as well as the tenant type, as well as the type of OpenFlow messages.

Networking and Internet Architecture

Anna Panagopoulou,Michele Paolino,Daniel Raho

2023-04-04

Abstract:Recently, FPGA accelerators have risen in popularity as they present a suitable way of satisfying the high-computation and low-power demands of real time applications. The modern electric transportation systems (such as aircraft, road vehicles) can greatly profit from embedded FPGAs, which incorporate both high-performance and flexibility features into a single SoC. At the same time, the virtualization of FPGA resources aims to reinforce these systems with strong isolation, consolidation and security. In this paper, we present a novel virtualization framework aimed for SoC-attached FPGA devices, in a Linux and QEMU/KVM setup. We use Virtio as a means to enable the configuration of FPGA resources from guest systems in an efficient way. Also, we employ the Linux VFIO and Device Tree Overlays technologies in order to render the FPGA resources dynamically accessible to guest systems. The ability to dynamically configure and utilize the FPGA resources from a virtualization environment is described in details. The evaluation procedure of the solution is presented and the virtualization overhead is benchmarked as minimal (around 10%) when accessing the FPGA devices from guest systems.

Operating Systems

Dongyang Wang,Binzhang Fu,Gang Lu,Kun Tan,Bei Hua

DOI: https://doi.org/10.1145/3313808.3313813

2019-01-01

Abstract:RDMA has been widely adopted as a promising solution for high performance networks, but is still unavailable for a large number of socket-based applications running in public clouds due to the following reasons. There is no available virtualization technique of RDMA that can meet the cloud's requirements. Moreover, it is cost prohibitive to rewrite the socket-based applications with the Verbs API. To address the above problems, we present vSocket, a software-based RDMA virtualization framework for socket-based applications in public clouds. vSocket takes into account the demands of clouds such as security rules and network isolation, so it can be deployed in the current public clouds. Furthermore, vSocket provides native socket API so that socket-based applications can use it without any modifications. Finally, to validate the performance gains, we implemented a prototype and compared it with current virtual network solutions against 1) basic network benchmarks and 2) the Redis, a typical I/O intensive application. Experimental results show that the latency of basic benchmarks can be reduced by 88% and the throughput of Redis is improved by 4 times.

Haibing Guan,Ruhui Ma,Jian Li

DOI: https://doi.org/10.1109/TCC.2014.2314649

2014-01-01

Abstract:Single-root I/O virtualization (SR-IOV) has become the de facto standard of network virtualization in cloud infrastructure. Owing to the high interrupt frequency and heavy cost per interrupt in high-speed network virtualization, the performance of network virtualization is closely correlated to the computing resource allocation policy in Virtual Machine Manager (VMM). Therefore, more sophisticated methods are needed to process irregularity and the high frequency of network interrupts in high-speed network virtualization environment. However, the I/O-intensive and CPU-intensive applications in virtual machines are treated in the same manner since application attributes are transparent to the scheduler in hypervisor, and this unawareness of workload makes virtual systems unable to take full advantage of high performance networks. In this paper, we discuss the SR-IOV networking solution and show by experiment that the current credit scheduler in Xen does not utilize high performance networks efficiently. Hence we propose a novel workload-aware scheduling model with two optimizations to eliminate the bottleneck caused by scheduler. In this model, guest domains are divided into I/O-intensive domains and CPU-intensive domains according to their monitored behaviour. I/O-intensive domains can obtain extra credits that CPU-intensive domains are willing to share. In addition, the total number of credits available is adjusted to accelerate the I/O responsiveness. Our experimental evaluations show that the new scheduling models improve bandwidth and reduce response time, by keeping the fairness between I/O-intensive and CPU-intensive domains. This enables virtualization infrastructure to provide cloud computing services more efficiently and predictably.