My name is Wesley Peck This talk is going to be an overview of virtualization technologies.
What is a virtual machine and why would we want to use one What are the requirements does and architecture need to be virtualizable What are the basic techniques for virtualizing an architecture Comparison of two different architectures which have been virtualized An overview of several successful virtualization products
IBM: A virtual machine is an isolated and protected copy of the original machine - Copy does not necessarily mean exact copy VMWare: Virtualization is the separation of a resource or request from its underlying physical delivery - What is the premier example of this in standard operating systems? - Virtual Memory
Why is virtualization useful? - Why do you think virtualization would be useful?
The software behind virtualization technology is the virtual machine monitor - The monitor sits above and abstracts the system hardware - Conceptually guest operating systems interact with the virtual machine instead of directly with the hardware
What requirements must an architecture meet in order to be virtualizable?
What are some desirable characteristics of a virtual machine monitor?
There are three main virtualization strategies. 1. Emulation: the most abstract implementation - Software provides virtual implementations of every hardware device - Time consuming to develop - Performance is poor - Great for simulations 2. Full System Virtualization: less abstract than hardware - Software provides virtual implementations of architectures privileged operations - Can be tricky to develop (issues with architectures) - Performance can suffer - Can run unmodified operating systems at acceptable performance levels 3. Paravirtualization - Software provides a virtual architecture with efficient mechanisms for privileged operations - Operating systems must be changed in order to work with the new architecture - Performance is often very good
Basic processor virtualization works much like a normal operating system The VMM runs in the privileged level and all guests run in the unprivileged level Privileged instructions executed by the guest are emulated after a trap is received
Memory virtualization make use of traditional virtual memory techniques Main difference is the two levels of virtual memory Guest operating system managed virtual memory VMM managed virtual memory
The basic techniques should work, in theory, but there are several problems 1. Some architectures were never designed to be virtualizable 2. Performance implications of some of the techniques are bad 3. The naive techniques can waste lots of resources 4. The naive techniques often do not have enough information to be effective: e.g. page replacement
Here we look at our first virtualizable architecture. IBM developed the first VMM with the CP-67 but its performance was not good enough A decision was made to create a new architecture with the goal of virtualization The result was the VM/370 (Virtual Machine Facility 370)
The VM/370 added several hardware assists to enable high performance VMM designs 1. Virtual Machine Assist 13 instructions which replaced guest virtual machine instructions that would have been emulated in software otherwise. 35% performance increase. 2. Extended Control Program Support A set of 35 instructions which were targeted at specific applications. These instructions replaced some functions which were previously supplied by the vmm. 3. Shadow Table Bypass Assists placed in hardware which allowed trusted guests to access the virtual memory system directly. A security risk but most machines were “well behaved” because they were designed by IBM.
The Intel IA-32 architecture was never designed to be virtualized and this causes complications. Compared to IBMs well-designed virtualization architecture the IA-32 presents as a poor contender. However, the IA-32 is by far the most widely available and so virtualization is still demanded. Example complications are non-protected privileged instructions and enormous I/O requirements.
Solutions for virtualizing the IA-32 revolve around detecting the 17 problem instructions. These instructions are sensitive to being run in a virtualized environment but do not trap.
The IA-64 architecture is similar in its complications. One advantage, however, is the IA-64’s support for ring compression. This allows traps in the guest operating system to be captured by the vmm.
The first virtualization product we are going to look at is VMWare. VMWare is the most popular of all of the virtualization products. It supports both a hosted environment and a hypervisor approach It uses many clever design tricks to achieve high performance
The processor is virtualized by using direct execution on the processor - Combined with binary translation to eliminate problem instructions - Results in very performance only “slightly” lower than paravirtualized approaches Memory is virtualized using the very straight forward shadow table approach - Additionally a special ballooning driver is installed in each guest operating system - This trick gives the VMM insight into page usable inside of the guest Device I/O is virtualized in one of two different ways - The hosted architecture relies on the existing host for I/O support - The hypervisor architecture supports only a limited number of “certified” devices
The main benefit of full system virtualization is that unmodified applications can run on the vmm. When combined with performance enhancing “tricks” like those employed by VMWare the results are very impressive However, even with these tricks performance can suffer because of the need to emulate protected operations
The first paravirtualize approach we will look at is the Denali vmm. This vmm aims to provide very fast, minimal virtual machine containers The target for Denali is supporting thousands of extremely light weight vmm Each vmm runs a simple network application. Most of these vmm’s remain idle because their services are rarely employed Because of the special requirements, Denali provides its own architecture
Denali virtualizes the cpu using direct execution with a set of extended operations - First, the system requires a idle’ing guest to use the idle instruction - Second, interrupts are queued instead of delievered directly - Third, interrupt semantics are changed from “just happened” to “recently happened” Denali does not support virtual memory Denali virtualizes I/O by providing a set of generic devices which are fully supported by the architecure - Instead of presenting a Linksys NC100, for example, Denali provides a “network card” - The difference is in the way interaction with the device happens - This results in very high performance I/O in Denali
Xen in another paravirtualized virtualization architecture. Xen’s goal is to paravirtualize commodity operating systems It also wants to support application level binary compatibility Xen has achieved most of these goals and it currently the most popular paravirtualized approach.
Xen has different architecture policies not just different mechanisms. In Xen’s view keeping the guest operating system completely in the dark can be a bad thing. The claim is that completely hiding the virtualization of resources risks both performance and correctness For example, if virtualization only exposed virtual time to a guest then time sensitive tasks can operate in correctly Take, for example, TCP timeouts and round-trip time estimates. These both require information about the real time
Xen virtualizes the processor using direct execution - The guest is executed in ring 1 on the IA-32 - Exception handlers must be registered with Xen instead of directly with the hardware - A special mechanism is employed for the system call handler (avoids indirecting through Xen) Memory is virtualized by allowing the guests to maintain their own hardware page tables - What restrictions must there be on this? - Only read-only access is given to the guest - Any page table updates must go through xen - Xen ensures that mapped pages are read-only and only make use of the correct pages I/O Devices are virtualized through shared memory asynchronous descriptor rings - A circular queue allocated by the guest but accessible by xen - Data not placed directly into queue, only pointers to the data - Uses a producer consumer model - Does not require that requests be serviced in order (optimizations) - Additionally a lightweight event system replaces hardware interrupts - Bitmask of pending events