Professional Documents
Culture Documents
Introduction
Virtualization: Providing an interface to software
Why Virtualize?
Reasons for Virtualization
Hardware Economy
Versatility
Environment Specialization
Security
Safe Kernel Development
OS Research [12]
Process Virtualization
VM interfaces with single
process
Examples:
Multiprogramming
Emulation for binaries
High-level language VMMs
(e.g., JVM)
Application
Virtualization Layer
OS
Hardware
System Virtualization
Application
OS
Virtualization Layer
Hardware
Classical Virtualization
Application
OS
Virtualization Layer
OS
Hardware
Hosted Virtualization/
Emulation
System Virtualization
Interfaces with operating system
OS sees VM as an actual machinememory, I/O,
CPU, etc [10].
Emulation
Providing an interface to a system so that it can run
on a system with a different interface [10].
Lets compiled binaries, OSes run on architectures
Requirements of a VMM
Developed by Popek & Goldberg in 1974 [8]:
Guest OS Model
Hypervisor exists as a layer
between the operating
systems and the hardware.
Performs memory
management and
scheduling required to
coordinate multiple
operating systems.
Apps
Apps
Apps
Guest OS
Guest OS
Guest OS
Hypervisor (Host)
Hardware
Virtualization Challenges
Privileged Instructions
Handling architecture-imposed instruction privilege
levels.
Performance Requirements
Holding down the cost of VMM activities.
Memory Management
Managing multiple address spaces efficiently.
I/O Virtualization
Handling I/O requests from multiple operating
systems.
e hardware. The functionality of the hypervisor varies greatly based on architecture and
plementation. Each VMM running on the hypervisor implements the virtual machine hardware
straction and is responsible for running a guest OS. Each VMM has to partition and share the
U, memory and I/O devices to successfully virtualize the system.
Virtualizing Privileged
PU Virtualization
Instructions
x86
hasVirtualization
four
he Challenges
ofarchitecture
x86 Hardware
privilege levels (rings).
Full Virtualization
Hardware is functionally
identical to underlying
architecture. [3]
Typically accomplished
through interpretation or
binary translation.
Disadvantage: Complex,
usually slower than
paravirtualization.
Image Source: VMWare White Paper, Understanding Full Virtualization, Paravirtualization, and Hardware
Assist, 2007.
Paravirtualization
Replace certain
unvirtualized sections of
OS code with
virtualization-friendly code.
Virtual architecture
Disadvantages: requires
modifications to guest OS
Image Source: VMWare White Paper, Understanding Full Virtualization, Paravirtualization, and Hardware
Assist, 2007.
Performance
Modern VMMs based around
trap-and-emulate [8].
CPU_INST
TRAP
CPU_INST1
EXEC
Non-privileged instructions
CPU_INST
Guest OS
VMM
Trap-and-Emulate Problems
Trap-and-emulate is expensive
Requires context-switch from guest OS mode to VMM.
VMWare Virtualization
Full virtualization implemented through dynamic
caches (TCs).
Callout method replaces traps with stored emulation
functions.
In-TC emulation blocks are even more efficient.
Adaptive binary translation rewrites translated blocks
to minimize PTE traps [5].
Xen Virtualization
Xen occupies privilege level 0; guest OS occupies
privilege level 1.
exception handlers.
Frequently used handlers (e.g., system calls) have
special handlers that allow guest OS to bypass
privilege level 0 [3].
Approach does not work with page faults.
Hardware-Assisted Virtualization
Hardware virtualization-assist released in 2006 [5].
Intel, AMD both have technologies of this type.
Intel VT-X
Applications of VT-X
Xen uses Intel VT-x to host fully-virtualized guests
Virtualizing Memory
Virtualization software must find a way to handle paging requests
of operating systems, keeping each set of pages separate.
guest Oses.
Guest maintains virtual-to-physical page tables.
VMM maintains pmap structure containing physical-to-machine page
mappings.
Memory Problem
virtual
a
physical
b
physical machine
b
frame
Pmap
structure in
VMM.
physical
physical machine
Guest
Pmap
structure in
VMM.
VMM
virtual
a
machine
c
Shadow page
table in VMM.
Direct Access
Direct access to hardware is not permitted by the Popek
and Goldberg model [8].
Solution: memory
overcommitment
2/n
1/n
(n2)/n
4/n
Memory Overcommitment
Overcommitment: committing more total memory to
paging [4].
VMM marks page for reclamation, OS immediately moves
reclaimed page out of memory
Most common in high memory-usage situations.
Ballooning
Mechanism for page
reclamation.
Technique to induce page-
Image Source: Waldspurger, C. Memory Resource Management in VMware ESX Server, OSDI 2002.
I/O Virtualization
Performance is critical for
virtualized I/O
Many I/O devices are timesensitive or require low
latency [7].
device emulation
VMM presents guest OS
Guest OS
Guest
Driver
Virtual
Device
VMM
Virtual
Driver
Physical Device
Switching Expense
Low-level I/O functionality happens at the VMM level,
requiring a context switch.
Packet Queuing
Both major VMMs use an
asynchronous ring buffer
to store I/O descriptors.
Request Consumer
Private pointer
in Xen
Response Producer
Shared pointer
updated by
Xen
Request Producer
Shared pointer
updated by guest OS
Response Consumer
Private pointer
in guest OS
Request queue - Descriptors queued by the VM but not yet accepted by Xen
Outstanding descriptors - Descriptor slots awaiting a response from Xen
Response queue - Descriptors returned by Xen in response to serviced requests
Unused descriptors
the timel
work rou
ing virtu
ideal fa
other sch
our gene
ters can b
3.3.2
Xen p
and wallsince ma
sors cyc
source (f
vances w
schedule
cation pr
to be add
to be adj
Each g
time and
maintain
timers to
ing Xen
3.3.3
VMWare
Ring buffer is constructed
in and managed by VMM.
transmission of
accumulated messages.
Summary
Current VMM implementations provide safe, relatively
efficient virtualization, albeit often at the expense of
theoretical soundness [8].
References
1.
2.
3.
4.
5.
6.
Pratt, I. et al. Xen 3.0 and the Art of Virtualization, Linux Symposium 2005.
7.
8.
9.