OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

Similar documents
references Virtualization services Topics Virtualization

Virtualization. Pradipta De

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

CSCE 410/611: Virtualization!

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

Virtualization. Dr. Yingwu Zhu

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Advanced Operating Systems (CS 202) Virtualization

Virtualization and memory hierarchy

COS 318: Operating Systems. Virtual Machine Monitors

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Learning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Virtualization History and Future Trends

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

CSCE 410/611: Virtualization

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

Linux and Xen. Andrea Sarro. andrea.sarro(at)quadrics.it. Linux Kernel Hacking Free Course IV Edition

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

CSE 120 Principles of Operating Systems

Virtualization. Part 1 Concepts & XEN

Server Virtualization Approaches

CHAPTER 16 - VIRTUAL MACHINES

Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018

Cloud Computing Virtualization

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

Portland State University ECE 587/687. Virtual Memory and Virtualization

Module 1: Virtualization. Types of Interfaces

CS5460: Operating Systems. Lecture: Virtualization. Anton Burtsev March, 2013

Concepts. Virtualization

Lecture 4: Extensibility (and finishing virtual machines) CSC 469H1F Fall 2006 Angela Demke Brown

Virtual Machine Monitors (VMMs) are a hot topic in

Virtualization. Adam Belay

Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016

CS 550 Operating Systems Spring Introduction to Virtual Machines

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

CS370 Operating Systems


Overview of System Virtualization: The most powerful platform for program analysis and system security. Zhiqiang Lin

Xen and the Art of Virtualization

VIRTUALIZATION: IBM VM/370 AND XEN

Xen and the Art of Virtualization

DISCO and Virtualization

Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

On the DMA Mapping Problem in Direct Device Assignment

Operating Systems 4/27/2015

Chapter 5 C. Virtual machines

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

We ve seen lots of examples of virtualization. This is another: a virtual machine monitor. A VMM virtualizes an entire hardware machine.

CHAPTER 16 - VIRTUAL MACHINES

CS 5600 Computer Systems. Lecture 11: Virtual Machine Monitors

Virtualization and Virtual Machines. CS522 Principles of Computer Systems Dr. Edouard Bugnion

Lecture 5: February 3

NON SCHOLAE, SED VITAE

Distributed Systems COMP 212. Lecture 18 Othon Michail

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

Mach External pager. IPC Costs. Why the difference? Example of IPC Performance. First generation microkernels were slow Mach, Chorus, Amoeba

Knut Omang Ifi/Oracle 6 Nov, 2017

CSC 5930/9010 Cloud S & P: Virtualization

Virtual Virtual Memory

Xen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila

Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

CS 470 Spring Virtualization and Cloud Computing. Mike Lam, Professor. Content taken from the following:

Virtual Machine Systems

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Xen is not just paravirtualization

COLORADO, USA; 2 Usov Aleksey Yevgenyevich - Technical Architect, RUSSIAN GOVT INSURANCE, MOSCOW; 3 Kropachev Artemii Vasilyevich Manager,

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

Virtual machine architecture and KVM analysis D 陳彥霖 B 郭宗倫

[537] Virtual Machines. Tyler Harter

CS370 Operating Systems

Dynamic Translator-Based Virtualization

Virtual Machine Monitors!

1 Virtualization Recap

Introduction to Virtual Machines. Michael Jantz

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Computer Systems Engineering: Spring Quiz I Solutions

Virtualization, Xen and Denali

Mechanisms and constructs for System Virtualization

W H I T E P A P E R. Virtual Machine Monitor Execution Modes in VMware vsphere 4.0

CS370: Operating Systems [Spring 2016] Dept. Of Computer Science, Colorado State University

Nested Virtualization and Server Consolidation

Virtual Memory. Lecture for CPSC 5155 Edward Bosworth, Ph.D. Computer Science Department Columbus State University

Lecture 3 Memory Virtualization Larry Rudolph

CprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

Faithful Virtualization on a Real-Time Operating System

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University

MEMORY HIERARCHY DESIGN. B649 Parallel Architectures and Programming

Intel Virtualization Technology Roadmap and VT-d Support in Xen

System Virtual Machines

Virtualization. Virtualization

TDDI04, K. Arvidsson, IDA, Linköpings universitet Operating System Structures. Operating System Structures Overview. Operating System Services

I/O and virtualization

Today s Papers. Virtual Machines Background. Why Virtualize? EECS 262a Advanced Topics in Computer Systems Lecture 19

System Virtual Machines

Transcription:

Virtualization Basics Motivation OS Virtualization CSC 456 Final Presentation Brandon D. Shroyer Types of Virtualization Process virtualization (Java) System virtualization (classic, hosted) Emulation (QEMU) OS Virtualization Formal Requirements The guest operating system model Introduction Virtualization: Providing an interface to software that maps to some underlying system. A one-to-one mapping between a guest and the host on which it runs [9, 10]. Virtualized system should be an efficient, isolated duplicate [8] of the real one. Process virtual machine just supports a process; system virtual machine supports an entire system. Why Virtualize? Reasons for Virtualization Hardware Economy Versatility Environment Specialization Security Safe Kernel Development OS Research [12] 1

Process Virtualization System Virtualization VM interfaces with single process Application sees virtual machine as address space, registers, and instruction set [10]. Examples: Multiprogramming Emulation for binaries High-level language VMMs (e.g., JVM) Application Virtualization Layer OS Hardware Application OS Virtualization Layer Hardware Classical Virtualization Application OS Virtualization Layer OS Hardware Hosted Virtualization/Emulation System Virtualization Interfaces with operating system OS sees VM as an actual machine memory, I/O, CPU, etc [10]. Classic virtualization: virtualization layer runs atop the hardware. Usually found on servers (Xen, VMWare ESX) Hosted or whole-system virtualization: virtualization runs on an operating system Popular for desktops (VMWare Workstation, Virtual PC) Emulation Providing an interface to a system so that it can run on a system with a different interface [10]. Lets compiled binaries, OSes run on architectures with different ISA (binary translation) Performance usually worse than classic virtualization. Example: QEMU [11] Breaks CPU instructions into small ops, coded in C. C code is compiled into small objects on native ISA. dyngen utility runs code by dynamically stitching objects together (dynamic code generation). 2

OS Virtualization: Some Important Terms Virtual Machine (VM): An instance of of an operating system running on a virtualized system. Also known as a virtual or guest OS. hypervisor: The underlying virtualization system sitting between the guest OSes and the hardware. Also known as a Virtual Machine Monitor (VMM). The analogous construct in process virtualization is the runtime (the JVM, for instance). Requirements of a VMM Developed by Popek & Goldberg in 1974 [8]: 1. Provides environment identical to underlying hardware. 2. Most of the instructions coming from the guest OS are executed by the hardware without being modified by the VMM. 3. Resource management is handled by the VMM (this all non-cpu hardware such as memory and peripherals). Hypervisor exists as a layer between the operating systems and the hardware. Guest OS Model Performs memory management and scheduling required to coordinate multiple operating systems. Apps Apps Apps Guest OS Guest OS Hypervisor (Host) Guest OS Virtualization Challenges Performance Requirements Holding down the cost of VMM activities. Privileged Instructions Handling architecture-imposed instruction privilege levels. Memory Management Managing multiple address spaces efficiently. May also have a separate controlling interface. Hardware I/O Virtualization Handling I/O requests from multiple operating systems. 3

Performance Trap and Emulate Basics [8] Modern VMMs based around trap-and-emulate [8]. When a guest OS executes a privileged instruction, control is passed to VMM (VMM traps on instruction), which decides how to handle instruction [8]. VMM generates instructions to handle trapped instruction (emulation). Non-privileged instructions do not trap (system stays in guest context). CPU_INST TRAP CPU_INST1 EXEC CPU_INST Guest OS VMM User and superuser modes in [8] roughly correspond to guest OS & VMM modes Analogous to user and kernel modes Trap: To switch to VMM mode Sensitive Instruction: Instruction that must be executed in superuser (VMM) mode E.g., instructions that manage system resources or switch modes Privileged Instruction: Any instruction that traps when executed in user (guest OS) mode All sensitive instructions must be privileged instructions [8] Trap-and-Emulate Problems Trap-and-emulate is expensive Requires context-switch from guest OS mode to VMM. x86 is not trap-friendly Guest s CPL privilege level is visible in hardware registers; cannot change it in a way that the guest OS cannot detect [5]. Some instructions are not privileged, but access privileged systems Example: instructions that access page tables do not require 0- level CPL privilege, but anything that affects the MMU does [5]. A read is fair game for the user, but if it causes a page fault, a new page has to be fetched by the MMU Direct Access Direct access to hardware is not permitted by the Popek and Goldberg model [8]. VMWare and Xen both bend this rule, allow guests to access hardware directly in certain cases. Xen uses validated access model [3]. Fine-grained control over direct access. VMWare allows user-mode instructions to bypass BT, go straight to CPU [5]. Memory accesses are sometimes batched to minimize context switches. 4

Virtualizing Privileged Instructions x86 architecture has four privilege levels (rings). The OS assumes it will be executing in Ring 0. Many system calls require 0- level privileges to execute. Any virtualization strategy must find a way to circumvent this. Hardware is functionally identical to underlying architecture. [3] Typically accomplished through interpretation or binary translation. Full Virtualization Advantage: Guest OS will run without any changes to source code. Disadvantage: Complex, usually slower than paravirtualization. Image Source: VMWare White Paper, Understanding Full Virtualization, Paravirtualization, and Hardware Assist, 2007. Image Source: VMWare White Paper, Understanding Full Virtualization, Paravirtualization, and Hardware Assist, 2007. Paravirtualization Replace certain unvirtualized sections of OS code with virtualization-friendly code. Virtual architecture similar but not identical to the underlying architecture. [3] Advantages: easier, lower virtualization overhead Disadvantages: requires modifications to guest OS VMWare Virtualization Full virtualization implemented through dynamic binary translation [5]. Translated code is grouped and stored in translation caches (TCs). Callout method replaces traps with stored emulation functions. In-TC emulation blocks are even more efficient. Adaptive binary translation rewrites translated blocks to minimize PTE traps [5]. Direct execution of user-space code further reduces overhead [5]. Image Source: VMWare White Paper, Understanding Full Virtualization, Paravirtualization, and Hardware Assist, 2007. 5

Xen Virtualization Xen occupies privilege level 0; guest OS occupies privilege level 1 OS code is modified so that high-privilege calls (hypercalls) are made to and trapped by Xen [3] Xen traps guest OS instructions using table of exception handlers Frequently used handlers (e.g., system calls) have special handlers that allow guest OS to bypass privilege level 0 [3] Page faults require special handling since they need access to a register accessible containing the trapping address that is accessible only in privileged mode Handlers are vetted by Xen before being stored Hardware-Assisted Virtualization Hardware virtualization-assist released in 2006 [5]. Intel, AMD both have technologies of this type. Introduces new VMX runtime mode. Two modes: guest (for OS) and root (for VMM). Each mode has all four CPL privilege levels available [8]. Switching from guest to VMM does not require changes in privilege level. Root mode supports special VMX instructions. Virtual machine control block [5] contains control flags and state information for active guest OS. New CPU instructions for entering and exiting VMM mode. Does not support I/O virtualization. Intel VT-X Both modes have no restrictions on privilege No need for software-based deprivileging Image Source: Smith, J. and Nair, R. Virtual Machines, Morgan Kaufmann, 2005. Applications of VT-X Xen uses Intel VT-x to host fully-virtualized guests alongside paravirtualized guests [6]. System has root (VMM) and non-root (guest) modes, each with privilege levels 0-3. QEMU/Bochs projects provide emulations VMWare does not make use of VT technology [5]. VMWare s software-based VMMs significantly outperformed VT-X-based VMMs [5]. VT-X virtualization is trap-based, and DBT tries to eliminate traps wherever possible. 6

Virtualizing Memory Virtualization software must find a way to handle paging requests of operating systems, keeping each set of pages separate. Memory virtualization must not impose too much overhead, or performance and scalability will be impaired. Guest OS must each have an address space, be convinced that it has access to the entire address space. SOLUTION: most modern VMMs add an additional layer of abstraction in address space [4]. Machine Address bare hardware address. Physical Address VMM abstraction of machine address, used by guest Oses. Guest maintains virtual-to-physical page tables. VMM maintains pmap structure containing physical-to-machine page mappings. virtual a Memory Lookup Problem physical b Page Table for Program m on VM n. physical machine b c Pmap structure in VMM. That s a lot of lookups! frame Solution: Shadow Page Tables Shadow page tables map virtual memory to machine memory [4]. One page table maintained per guest OS. TLB caches results from shadow page tables. Shadow page tables must be kept consistent with guest pages. VMM updates shadow page tables when pmap (physicalto-machine) records are updated. VMM now has access to virtual addresses, eliminating two page table lookups. virtual a Shadow Page Tables physical b Page Table for Program m on VM n. Guest physical machine VMM b c Pmap structure in VMM. virtual a machine c Shadow page table in VMM. 7

Shadow Page Table Drawbacks Updates are expensive On a write, the VMM must update the VM and the shadow page table. TLB must be flushed on world switch. TLB from other guest will be full of machine addresses that would be invalid in the new context. Memory Load Balancing Problem Assume VMM divides address space evenly among guests. If guest workload is not balanced, one guest could be routinely starved for memory. Other guests have way more than they need. Solution: memory overcommitment 2/n 1/n (n 2)/n 4/n Memory Overcommitment Overcommitment: committing more total memory to guest OSes than actually exists on the system [4]. Guest memory can be adjusted according to workload. Higher-workload servers get better performance than with a simple even allocation. Requires some mechanism to reclaim memory from other guests [4]. Poor page replacement schemes can result in double paging [4]. VMM marks page for reclamation, OS immediately moves reclaimed page out of memory Most common in high memory-usage situations. Mechanism for page reclamation. Technique to induce pageins, page-outs in a guest OS. Balloon module [4] loaded on guest OS reserves physical pages; can be expanded or contracted. VMWare and Xen both support ballooning. Ballooning Image Source: Waldspurger, C. Memory Resource Management in VMware ESX Server, OSDI 2002. 8

Ballooning, continued When VMM wants to reclaim memory, balloon inflates. Region of reserved pages expands. Guest OS has less memory to work with, starts experiencing memory pressure and begins paging out more memory. Later on, the VMM deflates the balloon. Releases physical memory, which the guest can use. Ballooning Issues Pros Piggybacks off guest OS memory management algorithms. Guest decides which pages to release Low trap overhead [4]. VMM indicates when to inflate, deflate balloon, but does not get involved otherwise. Cons Stretches the definition of full virtualization [2]. Is not guaranteed to work, or release sufficient memory. Xen and VMWare both have fallback page replacement algorithms [3], [4]. Image Source: Waldspurger, C. Memory Resource Management in VMware ESX Server, OSDI 2002. Performance is critical for virtualized I/O Many I/O devices are timesensitive or require low latency [7]. I/O Virtualization Most common method: device emulation VMM presents guest OS with a virtual device [7]. Preserves security, handles concurrency, but imposes more overhead. Guest OS Guest Driver Virtual Device VMM Virtual Driver Physical Device I/O Virtualization Problems Multiplexing How to share hardware access among multiple OSes. Switching Expense Low-level I/O functionality happens at the VMM level, requiring a context switch. 9

Both major VMMs use an asynchronous ring buffer to store I/O descriptors. Batches I/O operations to minimize cost of world switches [7]. Sends and receives exist in same buffer. If buffer fills up, an exit is triggered [7]. Packet Queuing I/O Rings, continued Xen Rings contain memory descriptors pointing to I/O buffer regions declared in guest address space. Guest and VMM deposit and remove messages using a producer-consumer model [2]. Xen 3.0 places device drivers on their own virtual domains, minimizing the effect of driver crashes. VMWare Ring buffer is constructed in and managed by VMM. If VMM detects a great deal of entries and exits, it starts queuing I/O requests in ring buffer [7]. Next interrupt triggers transmission of accumulated messages. Image Source: Barham, P. et al. Xen and the Art of Virtualization, SOSP 2003. Summary Current VMM implementations provide safe, relatively efficient virtualization, albeit often at the expense of theoretical soundness [8]. The x86 architecture requires a) binary translation, b) paravirtualization, or c) hardware support to virtualize. Binary translation and instruction trapping costs are currently the largest drains on efficiency [5]. Management of memory and other resources remains a complex and expensive task in modern virtualization implementations. References 1. Singh, A. An Introduction To Virtualization, www.kernelthread.com, 2004. 2. VMWare White Paper, Understanding Full Virtualization, Paravirtualization, and Hardware Assist, 2007. 3. Barham, P. et al. Xen and the Art of Virtualization, SOSP 2003. 4. Waldspurger, C. Memory Resource Management in VMware ESX Server, OSDI 2002. 5. Adams, K. and Agesen, O. A Comparison of Software and Hardware Techniques for x86 Virtualization, ASPLOS 2006. 6. Pratt, I. et al. Xen 3.0 and the Art of Virtualization, Linux Symposium 2005. 7. Sugerman, J. et al. Virtualizing I/O Devices on Vmware Workstation s Hosted Virtual Machine Monitor, Usenix, 2001. 8. Popek, G. and Goldberg, R. Formal Requirements for Virtualizable Third-Generation Architectures, Communications of the ACM, 1974. 9. Mahalingam, M. I/O Architectures for Virtualization, VMWorld, 2006. 10. Smith, J. and Nair, R. Virtual Machines, Morgan Kaufmann, 2005. 11. Bellard, F. QEMU, a Fast and Portable Translator, USENIX 2005. 12. Silberschatz, A., Galvin, P., Gagne, G. Operating System Concepts, Eighth Edition. Wiley & Sons, 2009. 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback