Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

Similar documents
Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Virtualization and memory hierarchy

Virtualization. Dr. Yingwu Zhu

Advanced Operating Systems (CS 202) Virtualization

CSE 120 Principles of Operating Systems

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University


COS 318: Operating Systems. Virtual Machine Monitors

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

COSC6376 Cloud Computing Lecture 14: CPU and I/O Virtualization

Chapter 5 C. Virtual machines

Nested Virtualization and Server Consolidation

Virtualization. Pradipta De

CS370 Operating Systems

Module 1: Virtualization. Types of Interfaces

LINUX Virtualization. Running other code under LINUX

references Virtualization services Topics Virtualization

Virtualization and Virtual Machines. CS522 Principles of Computer Systems Dr. Edouard Bugnion

Intel Virtualization Technology Roadmap and VT-d Support in Xen

Learning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels

Virtualization. Adam Belay

Micro VMMs and Nested Virtualization

Overview of System Virtualization: The most powerful platform for program analysis and system security. Zhiqiang Lin

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

Virtual Machine Monitors (VMMs) are a hot topic in

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

Hardware- assisted Virtualization

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

Operating Systems 4/27/2015

CHAPTER 16 - VIRTUAL MACHINES

CprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

CSCE 410/611: Virtualization

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

VIRTUALIZATION: IBM VM/370 AND XEN

System Virtual Machines

Cloud Computing Virtualization

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

CSCE 410/611: Virtualization!

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

CHAPTER 16 - VIRTUAL MACHINES

Virtual Virtual Memory

Linux and Xen. Andrea Sarro. andrea.sarro(at)quadrics.it. Linux Kernel Hacking Free Course IV Edition

Distributed Systems COMP 212. Lecture 18 Othon Michail

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

Virtualisation: The KVM Way. Amit Shah

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

Lecture 5: February 3

CIS : Computational Reproducibility

Advanced Systems Security: Virtual Machine Systems

CSC 5930/9010 Cloud S & P: Virtualization

Concepts. Virtualization

Making Nested Virtualization Real by Using Hardware Virtualization Features

System Virtual Machines

Virtualization with XEN. Trusted Computing CS599 Spring 2007 Arun Viswanathan University of Southern California

Hardware Virtualization Trends

CS370 Operating Systems

DISCO and Virtualization


Knut Omang Ifi/Oracle 6 Nov, 2017

Virtual Leverage: Server Consolidation in Open Source Environments. Margaret Lewis Commercial Software Strategist AMD

CS 5600 Computer Systems. Lecture 11: Virtual Machine Monitors

Virtualization. Virtualization

Virtualization. join, aggregation, concatenation, array, N 1 ühendamine, agregeerimine, konkateneerimine, massiiv

I/O virtualization. Jiang, Yunhong Yang, Xiaowei Software and Service Group 2009 虚拟化技术全国高校师资研讨班

EE 660: Computer Architecture Cloud Architecture: Virtualization

Introduction Construction State of the Art. Virtualization. Bernhard Kauer OS Group TU Dresden Dresden,

Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

Virtualization History and Future Trends

I/O and virtualization

Virtual Machine Monitors!

Performance Aspects of x86 Virtualization

Virtual Machine Security

SERVE. -Priyal Lokhandwala

Virtualization. Part 1 Concepts & XEN

CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University

Multiprocessor Scheduling. Multiprocessor Scheduling

VIRTUALIZATION. Dresden, 2011/12/6. Julian Stecklina

Virtual Machine Systems

1 Virtualization Recap

Intel VMX technology

Xen is not just paravirtualization

COSC 6385 Computer Architecture. Virtualizing Compute Resources

Virtualization (II) SPD Course 17/03/2010 Massimo Coppola

To EL2, and Beyond! connect.linaro.org. Optimizing the Design and Implementation of KVM/ARM

COLORADO, USA; 2 Usov Aleksey Yevgenyevich - Technical Architect, RUSSIAN GOVT INSURANCE, MOSCOW; 3 Kropachev Artemii Vasilyevich Manager,

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

Virtualized SISCI. Extending Virtual Machines With a Shared Memory API Utilizing PCIe Networking. Halvor Kielland-Gyrud Master s Thesis Spring 2017

Optimizing and Enhancing VM for the Cloud Computing Era. 20 November 2009 Jun Nakajima, Sheng Yang, and Eddie Dong

Virtualization. Darren Alton

Virtualization. Guillaume Urvoy-Keller UNS/I3S

Virtualization technology

Transcription:

Starting Point: A Physical Machine Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel Virtualization Technology (VT) by N. B. Sahgal and D. Rodgers Intel Virtualization Technology Roadmap and VT-d Support in Xen by Jun Nakajima A Performance Comparison of Container-based Virtualization Systems for MapReduce! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized! Software Tightly coupled to physical hardware Single active OS instance OS controls hardware Clusters by M. G. Xavier, M. V. Neves, and C.A.F. De Rose 2 2010 VMware Inc. All rights reserved What is a Virtual Machine? Virtualization Properties! Software Abstraction Behaves like hardware Encapsulates all OS and application state! Virtualization Layer Extra level of indirection Decouples hardware, OS Enforces isolation Multiplexes physical hardware across VMs! Isolation Fault isolation Performance isolation! Encapsulation Cleanly capture all VM state Enables VM snapshots, clones! Portability Independent of physical hardware Enables migration of live, running VMs! Interposition Transformations on instructions, memory, I/O Enables transparent resource overcommitment, encryption, compression, replication 3 4 1

Virtualization Applications Types of Virtualization! Process Virtualization Language-level Java,.NET, Smalltalk OS-level processes, Solaris Zones, BSD Jails, Docker Containers Cross-ISA emulation Apple 68K-PPC-x86! System Virtualization VMware Workstation, Microsoft VPC, Parallels VMware ESX, Xen, Microsoft Hyper-V 5 6 Types of Virtualization! Native/Bare metal (Type 1) Higher performance ESX, Xen, HyperV, KVM! Hosted (Type 2) Easier to install Leverage host s device drivers VMware Workstation, Parallels Types of Virtualization! Full virtualization Unmodified OS, virtualization is transparent to OS! Para virtualization OS modified to be virtualized 7 Attribution: http://itechthoughts.wordpress.com/tag/full-virtualization/ 8 Attribution http://forums.techarena.in/guides-tutorials/1104460.htm 2

What is a Virtual Machine Monitor? What Needs to Virtualized Virtualized?! Classic Definition (Popek and Goldberg 74)! VMM Properties Equivalent execution: Programs running in the virtualized environment run identically to running natively. Performance: A statistically dominant subset of the instructions must be executed directly on the CPU. Safety and isolation: A VMM most completely control system resources.! Processor! Memory! IO Guest OS + Applications Page Fault Undef Instr virq MMU Emulation CPU Emulation I/O Emulation Virtual Machine Monitor Unprivileged Privileged 9 10 Processor Virtualization Trap and Emulate! Run guest operating system deprivileged! All privileged instructions trap into VMM! VMM emulates instructions against virtual state e.g. disable virtual interrupts, not physical interrupts! Resume direct execution from next guest instruction An architecture is classically/strictly virtualizable if all its sensitive instructions (those that violate safety and encapsulation) are a subset of the privileged instructions.! all instructions either trap or execute identically! instructions that access privileged state trap 11 Attribution: http://itechthoughts.wordpress.com/tag/full-virtualization/ 12 3

x86 Virtualization Challenges! Not Classically Virtualizable x86 ISA includes instructions that read or modify privileged state But which don t trap in unprivileged mode! Example: POPF instruction Pop top-of-stack into EFLAGS register EFLAGS.IF bit privileged (interrupt enable flag) POPF silently ignores attempts to alter EFLAGS.IF in unprivileged mode! So no trap to return control to VMM! Deprivileging not possible with x86! x86 Virtualization Approaches! Binary translation! Para virtualization! HW support 13 14 Processor Paravirtualization! Make OS aware of virtualization! Present to OS software interface that is similar, but not identical to underlying hardware! Replace dangerous system calls with calls to VMM Page table updates! Advantages: High performance! Disadvantages: Requires porting OS! Examples: Xen HW Support! Intel VT-x Codenamed "Vanderpool" Available since Itanium 2 (2005), Xeon and Centrino (2006)! AMD-V Codename Pacifica Available since Athlon 64 (2006) 15 16 4

Intel VT-x! VT extends the original x86 architecture to eliminate holes that make virtualization hard. Operating Modes! VMX root operation: Fully privileged, intended for VM monitor! VMX non-root operation: Not fully privileged, intended for guest software Reduces Guest SW privilege w/o relying on rings Solution to Ring Aliasing and Ring Compression 17 18 VM Entry and VM Exit Benefits: VT Helps Improve VMMs! VM Entry Transition from VMM to Guest Enters VMX non-root operation Loads Guest state and Exit criteria from VMCS VMLAUNCH instruction used on initial entry VMRESUME instruction used on subsequent entries! VM Exit VMEXIT instruction used on transition from Guest to VMM Enters VMX root operation Saves Guest state in VMCS Loads VMM state from VMCS! VMM can control which instructions cause VM exists CR3 accesses, INVLPG! VT Reduces guest OS dependency Eliminates need for binary patching / translation Facilitates support for Legacy OS! VT improves robustness Eliminates need for complex SW techniques Simpler and smaller VMMs Smaller trusted-computing base! VT improves performance Fewer unwanted Guest " VMM transitions 19 20 5

x86 Memory Management Primer! The processor operates with virtual addresses! Physical memory operates with physical addresses! x86 includes a hardware translation lookaside buffer (TLB) Maps virtual to physical page addresses! x86 handles TLB misses in HW CR3 points to page table root HW walks the page tables Inserts virtual to physical mapping Memory Virtualization! Native! Virtualized 21 22 Memory Virtualization Techniques! Shadow page tables! Paravirtualization! HW supported nested page tables Shadow Page Tables! Keep a second set of page tables hidden from guest! Map between guest virtual and machine pages! Detect when guest changes page tables TLB invalidation requests, page table creation, write to existing page tables! Update shadow page accordingly! On context switch, install shadow page instead of guest page! Advantages: Can support unmodified guest! Disadvantages: Significant overhead to maintain consistency! Examples: VMware and Xen HVM 23 24 6

Memory Paravirtualization! Page table maps between virtual and machine addresses! OS and VMM share page tables! OS can only read! Changes to page table require hyper call VMM validates that guest owns machine address! Advantages: Higher performance can be achieved by batching updates! Disadvantages: Requires changes to the OS! Examples: Xen Hardware Support! Nested page tables! HW keeps a second set of page tables that map from physical to machine addresses.! On a TLB miss, first find physical address from guest page tables, then map to machine address! Intel EPT (Extended Page Table) Since Corei7 (2008)! AMD RVI (Rapid Virtualization Indexing) Since Opteron and Phenom II (2007) 25 26 Issues with Nested Page Tables! Positives Simplifies monitor design No need for page protection calculus! Negatives Guest page table is in physical address space Need to walk PhysMap multiple times Need physical-to-machine mapping to walk guest page table Need physical-to-machine mapping for original virtual address Memory Reclamation! Balloning: guest driver allocates pinned PPNs, hypervisor deallocates backing MPNs! Swapping: hypervisor transparently pages out PPNs, paged in on demand! Page sharing: hypervisor identifies identical PPNs based on content, maps to same MPN copy-on-write 27 28 7

Ballooning Page Sharing 29 30 Page Sharing I/O Virtualization! Emulation! Paravirtualization (split driver)! Direct mapped/pci passthrough! Hardware support 31 32 8

Emulation! Guest runs original driver! VMM emulates HW in SW! Advantages: Can run unmodified guest! Disadvantages: Slow IO Paravirtualization! Slip driver approach! Privileged domain interact with IO devices, exports high level interface as back-end drive! Guest domain implements front end driver! Front and back end drivers 33 34 Direct Mapped/PCI Passthrough! Allocate a physical device to a specific domain! Driver runs of guest domain! Cannot use DMA! DMA uses physical addresses.! Breaks isolation Hardware Support! IOMMU (IO Memory Management Unit)! Translates memory addresses from IO space to physical space! Provides isolation. Limits device s ability to access machine memory.! Intel VT-d! Core 2 (2008)! AMD-Vi! Six Core Opteron (2010) 35 36 9

Intel VT-d! Provides infrastructure for I/O virtualization! DMA and interrupt remapping VT-d Applied to Pass-through Model! Direct Device Assignment to Guest OS! Guest OS directly programs physical device! VMM sets up guest- to host-physical DMA mapping! PCI-SIG I/O Virtualization Working Group! Activity towards standardizing natively sharable I/O devices! IOV devices provide virtual interfaces, each independently assignable to VMs! Advantages: High performance and simple VMM! Disadvantages: Limits VM migration 37 38 Operating System Level Virtualization Operating System-Level Virtualization aka Container-based Virtualization Shared operating system A group of OS processes in an insolated environment Lightweight virtualization layer Each container has: Own virtual network interface (and IP Address) Own filesystem Isolation Processes in different containers can not see each other Allocation of RAM, CPU, I/O Examples Linux Vserver, OpenVZ, LXC 39 40 10

Hypervisor vs. System-Level Virtualization Hypervisor Different Kernel OS Device Emulation Limits per machine Higher overhead More secure OS-Level/Container Single Kernel Syscall Limits per process Lower overhead Less secure 41 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback