Server virtualization concepts allow partitioning of physical servers into multiple virtual servers using virtualization software and hardware techniques. This improves resource utilization by running multiple virtual machines on a single physical server. Server virtualization provides benefits like reduced costs, higher efficiency, lower power consumption, and improved availability compared to running each application on its own physical server. Key components of server virtualization include virtual machines, hypervisors, CPU virtualization using techniques like Intel VT-x or AMD-V, memory virtualization, and I/O virtualization through methods like emulated, paravirtualized or direct I/O. KVM and QEMU are popular open source virtualization solutions, with KVM providing kernel-level virtualization support and Q
2. About Me
Author
• “OpenFlow CookBook”, which is one of the recognized study material by ONF (Open Networking Foundation)
• Learning CoreOS
• 1 RFC & 2 IETF Drafts in MPLS and TRILL WG
• Frequent Presenter in various networking Forums
• Trainer of SDN, NFV and Network Virtualization Concepts
Experience
• 14+ years of Industry Experience
• 6+ years of experience in SDN, NFV and OpenFlow
• Working as a pre-sales consultant and product manager
• Having Work Experience in all the three commercial L2, L3 networking stack (IPInfusion ZebOS, Aricent ISS, MetaSwitch L2,L3 and MPLS stack)
3. Levels of Server Virtualization
Types of Server Virtualization
Components of Server Virtualization
HyperVisors
Virtual Machine
Containers
Dockers
4. Server Virtualization
Wikipedia Definition
• Partitioning of physical server into number of small virtual servers
• Uses Virtualization Software and hardware virtualization techniques
• In most cases the servers are not utilized fully which results in inefficient usage
6. History of Server Virtualization
[Timeline figure: 1970s, IBM Mainframes with Virtualization; 1990s, Evolution of Personal Computers; 2000s, Back to virtualization to reduce Capex and Opex]
7. IBM Mainframes
IBM CP-67 (Mid 1960s)
• First Virtualized IBM Mainframe Server
• Split the computer into multiple virtual machines
• Different “tasks” can be run separately and independently on the same mainframe
• If one virtual machine or “task” has a problem, other virtual machines are unaffected
8. Personal Computer Evolution
• Introduction of Intel/AMD servers (x86 architecture)
• Each PC/server runs its own OS (Windows / Unix) and runs its applications.
• Best approach for personal computers.
• For server and IT infrastructure, it brings overhead when going to massive scale.
• Typically in IT and infrastructure deployment one server runs one application (Email Server, Application Server, DB Server etc)
[Figure: separate File, Web, Domain, App and DNS servers, each server running 1 application]
11. Components of Server Virtualization
Virtual Machine
• Software implementation of a machine that executes programs like a physical machine.
Host Operating System
• Operating System actually running in the server / hardware
Guest Operating System
• The Operating System running in the simulated virtual machine
HyperVisor or VMM
• Piece of computer software, firmware or hardware that creates and runs the virtual machines
[Figure: two virtual machines, each with a guest operating system and apps, on the Hypervisor / VMM, on the host operating system, on the hardware (“real machine”)]
12. Virtual Machine
System Virtual Machine
• Full Virtualization VMs run directly on the server infrastructure without any general purpose OS
[Figure: simulated machines, each with an operating system and apps, on the Virtual Machine Monitor (VMM), on the hardware (“real machine”)]
Process Virtual Machine
• Needs host operating system
• Virtual Machine running as a process in the host OS
[Figure: simulated machines, each with an operating system and apps, on the host operating system, on the hardware (“real machine”)]
13. HyperVisor
Hypervisor
• Hypervisor is a variant of supervisor and is the “Supervisor of Supervisor”
• Piece of computer software, firmware or hardware that creates and runs VM
• Presents the guest operating system a virtual operating platform and manages the execution of guest OS
• Multiple instances of a variety of operating systems may share the virtualized hardware resources
14. Type 1 Hypervisors
• Also known as bare-metal implementation
• They sit directly on top of the hardware, without needing any operating system.
• Since they can directly communicate with hardware resources, they are much faster than type 2 hypervisors
Pros
• Single virtual machine crash does not affect rest of guest system.
• More secure than type 2.
• Generate less overhead and are fast.
Example
VMware ESX, Microsoft Hyper-V
15. Type 2 Hypervisors
• Type 2 hypervisor resides on top of the operating system.
• They cannot directly communicate with the hardware, so they are less efficient than type 1
Pros
• Install is easier.
• OS takes care of all the hardware, which is why they can support a wide range of hardware.
Cons
• More points of failure: anything that affects the stability of the base OS can also affect the guest OS.
Examples
KVM, VirtualBox
18. CPU Virtualization
What is CPU Virtualization?
• Single CPU acting as if there are more than 1 CPU in the system.
• Most instructions are executed directly on the physical CPU
• The Hypervisor / VMM safely performs privileged instructions
19. X86 Architecture Privileges
• Four Levels of Privileges as Ring 0, 1, 2, 3 for both kernel space (OS) and user space applications
• These privileges are meant for accessing the hardware resources by the OS and user space applications
• User Apps run in Ring 3 and OS runs in Ring 0
• The AMD-V and Intel-VT CPUs use a new privilege level called Ring -1 for the VMM
21. Full Virtualization
[Figure: layers User Apps, Guest OS, VMM, System Hardware shown against Ring 3, Ring 2, Ring 1, Ring 0]
Full Virtualization
• Requires no hardware assist or OS assist for virtualization support
• Guest OS is not aware of whether it is running in VM or physical server.
• The Guest OS runs in Ring 1 privilege
• Hypervisor runs in Ring 0 privilege
22. Bare Metal Execution Methodology
• Guest user apps can’t tamper with the guest OS due to ring protections. However user level code can be directly executed on the processor for high performance virtualization.
• Guest user apps and guest OS can’t tamper with VMM due to ring protections
• When the guest OS executes a privileged instruction, it will trap into the VMM
• When a guest app generates a system call or exception, the app will trap into the VMM
• VMM’s trap handler uses a policy to decide what to do (e.g., emulate the instruction)
[Figure: Bare Metal. Layers User Apps, Guest OS, VMM, System Hardware shown against Ring 3, Ring 2, Ring 1, Ring 0. Labels: Direct Execution of virtualizable instructions; Binary Translation of non-virtualizable instructions]
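The trap-and-emulate flow from this slide, as an added example that is not part of the original deck: unprivileged guest code runs directly, privileged instructions trap to a VMM handler that emulates them against per-VM state only. The toy instruction set, the port numbers and all names (vcpu_t, vmm_handle_trap, SAMPLE_PROG) are constructed for illustration, and the "deny unassigned port" policy is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Constructed toy instruction set for illustration; not real x86 encodings. */
typedef enum { OP_ADD, OP_CLI, OP_OUT, OP_HLT } opcode_t;
typedef struct { opcode_t op; uint32_t arg; } insn_t;

#define VIRT_SERIAL_PORT 0x3f8u   /* assumed: the only port assigned to this VM */
#define PORT_LOG_MAX 8

/* Per-VM state owned by the VMM; the trap handler only ever sees this. */
typedef struct {
    uint32_t acc;                    /* guest register, changed by direct execution */
    int      virt_if;                /* virtual interrupt flag seen by the guest */
    int      halted;
    uint32_t port_log[PORT_LOG_MAX]; /* values "written" to the virtual serial port */
    size_t   port_writes;
    unsigned direct, traps, denied;  /* counters for the demo */
} vcpu_t;

typedef struct { int host_if; } host_cpu_t;   /* the real interrupt flag */

static int is_privileged(opcode_t op) { return op != OP_ADD; }

/* Trap handler: the policy is "emulate against the vCPU, or deny". */
static void vmm_handle_trap(vcpu_t *v, const insn_t *in)
{
    v->traps++;
    switch (in->op) {
    case OP_CLI:                     /* guest disables interrupts: */
        v->virt_if = 0;              /* only its virtual flag changes */
        break;
    case OP_OUT:
        if (in->arg == VIRT_SERIAL_PORT && v->port_writes < PORT_LOG_MAX)
            v->port_log[v->port_writes++] = v->acc;  /* emulated device */
        else
            v->denied++;             /* port not assigned to this VM */
        break;
    case OP_HLT:
        v->halted = 1;               /* vCPU stops, the host keeps running */
        break;
    default:
        v->denied++;
        break;
    }
}

/* Unprivileged instructions execute directly; everything else traps. */
static void run_guest(vcpu_t *v, const insn_t *prog, size_t n)
{
    for (size_t pc = 0; pc < n && !v->halted; pc++) {
        if (is_privileged(prog[pc].op)) {
            vmm_handle_trap(v, &prog[pc]);
        } else {
            v->acc += prog[pc].arg;  /* direct execution, no VMM involvement */
            v->direct++;
        }
    }
}

/* Constructed guest program used by the demo. */
static const insn_t SAMPLE_PROG[] = {
    { OP_ADD, 5 }, { OP_CLI, 0 }, { OP_ADD, 7 },
    { OP_OUT, VIRT_SERIAL_PORT },    /* assigned port: emulated */
    { OP_OUT, 0x60 },                /* unassigned port: denied */
    { OP_HLT, 0 }, { OP_ADD, 1 },    /* the last ADD never runs */
};
#define SAMPLE_LEN (sizeof SAMPLE_PROG / sizeof SAMPLE_PROG[0])

static vcpu_t run_sample(host_cpu_t *host)
{
    vcpu_t v = { .virt_if = 1 };
    host->host_if = 1;               /* host interrupts are enabled throughout */
    run_guest(&v, SAMPLE_PROG, SAMPLE_LEN);
    return v;
}

int main(void)
{
    host_cpu_t host;
    vcpu_t v = run_sample(&host);
    printf("acc=%u direct=%u traps=%u denied=%u virt_if=%d host_if=%d\n",
           v.acc, v.direct, v.traps, v.denied, v.virt_if, host.host_if);
    return 0;
}
```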
23. Full Virtualization – Execution Methodology
• Guest user apps can’t tamper with the guest OS due to ring protections. However user level code can be directly executed on the processor for high performance virtualization.
• Guest user apps and guest OS can’t tamper with VMM due to ring protections
• Any instruction either privileged or non-privileged will trap into the VMM
• When a guest app generates a system call or exception, the app will trap into the VMM
• VMM’s trap handler uses a policy to decide what to do (e.g., emulate the instruction)
[Figure: Host Based VM. Layers User Apps, Guest OS, Host OS, System Hardware shown against Ring 3, Ring 2, Ring 1, Ring 0. Label: Binary Translation of All Instructions]
24. Full Virtualization – Drawbacks
• Low Performance, typically in the range of 80 – 97%
• Running I/O intensive applications will be challenging
• Code cache increases the performance at the cost of memory
25. Para Virtualization
Para Virtualization
• Requires communication between the guest OS and hypervisor to improve performance and efficiency
• Guest OS should be aware of whether it is running in VM or physical server
• Guest OS kernel needs to be modified to replace non-virtualizable instructions with hypercalls that communicate directly with the hypervisor
• The Guest OS runs in Ring 1 privilege.
• Hypervisor runs in Ring 0 privilege
[Figure: layers User Apps, Instrumented Guest OS, Host OS, System Hardware shown against Ring 3, Ring 2, Ring 1, Ring 0, with a Virtualization Layer]
26. Para Virtualization – Execution Methodology
• Guest user apps can’t tamper with the guest OS due to ring protections. However user level code can be directly executed on the processor for high performance virtualization.
• Guest user apps and guest OS can’t tamper with VMM due to ring protections
• As the guest OS kernel is modified to replace non-virtualizable instructions with hypercalls that communicate directly with the hypervisor, it will issue a hypercall to the VMM
• VMM’s trap handler uses a policy to decide what to do (e.g., execute the instruction)
27. Hardware Assisted Virtualization
Hardware Assisted Virtualization
• Techniques like Intel VT-x and AMD-V facilitate hardware assisted virtualization
• Privileged and sensitive calls are set to automatically trap to the hypervisor and are handled by hardware
• The Guest OS runs in Ring 1 privilege
• Hypervisor runs in Ring 0 privilege
[Figure: layers User Apps, Guest OS, System Hardware shown against Ring 3, Ring 2, Ring 1, Ring 0, with the VMM at Ring -1]
29. Memory Virtualization
What is Memory Virtualization?
• Abstracts the physical memory resources in a virtualized server.
• Handles the physical memory, virtual memory of both guest and host OS and maintains mapping between these entities.
31. Emulated I/O
[Figure: Guest VM (Guest OS, vCPUs) and QEMU I/O emulation in user space; KVM (kernel module) and native drivers in the Host OS (Linux) kernel space. Labels: I/O operation, MMIO or PIO, Trap, Interrupt]
• Software emulates real hardware device
• VMs run same driver for the emulated hardware device
• Trap to the hypervisor I/O emulator (e.g., QEMU)
• Every I/O operation generates trap and emulation
• Poor performance
32. Para-Virtualized I/O
• Split driver model
• Front-end driver in a guest VM
  • Virtual driver to forward an I/O request to its back-end driver
• Back-end driver in a host OS
  • Request a forwarded I/O to HW via native driver
• Shared descriptor ring: optimization by batching I/O requests, reducing VMM intervention cost
[Figure: Guest VM (Guest OS, vCPUs, VirtIO Frontend) and QEMU (VirtIO Backend) in user space; KVM (kernel module) and native drivers in the Host OS (Linux) kernel space. Label: I/O operation]
33. Direct I/O
[Figure: Guest VM (Guest OS, vCPUs) and QEMU I/O emulation in user space; KVM (kernel module) and native drivers in the Host OS (Linux) kernel space. Labels: I/O operation, MMIO or PIO]
• Directly assign device to Guest
• High performance and low CPU utilization
35. Agenda
Introduction
KVM, QEMU, LibVirt
KVM Virtualization
CPU Virtualization in KVM
Memory Virtualization in VM
Para Virtualized Drivers and Network Device Virtualization
Example QEMU, LibVirt commands
36. KVM (Kernel Virtual Machine)
By itself, KVM does not perform any emulation. It exposes the /dev/kvm interface for virtualization
KVM (Kernel VM)
• Hardware Assisted Virtualization infra for Linux on x86
• Requires hardware containing virtualization extensions (Intel VT or AMD-V)
• Open Source Software under GPL license
• Two Components: Kernel Component, part of mainline Linux since 2.6.20; User Component (part of QEMU)
37. Why KVM
Hardware Based Virtualization
Native Support for any guest OS
Better Performance
Open Source & Flexible
Enhanced Security
39. QEMU (Quick Emulator)
QEMU (Quick EMUlator)
• Generic and open source machine emulator and virtualizer
• QEMU can run programs made for one machine (for example: an ARM board) on a different machine
• Hosted hypervisor/VMM that performs hardware virtualization
• Works along with KVM for providing Hardware Assisted Virtualization
40. Emulation Vs Virtualization
Both can act as a hypervisor
Virtualization
• Slice the underlying hardware into multiple disjoint virtual devices
• The ISA of host and guest are typically the same
• Guest operations can be directly dispatched to hardware
Emulation
• Host and Guest may have different ISA
• Guest ISA is managed in software
• Guest operations need translation
42. KVM vs QEMU
• Both are hypervisors
• Stand alone QEMU uses paravirtualization whereas KVM provides infra for hardware virtualization
• KVM virtualizes only CPU and memory whereas QEMU virtualizes all other devices
• When QEMU and KVM are working together we get hardware assisted virtualization
43. KVM – Components
kvm.ko
• Core KVM kernel module
• Implements vCPU and MMU
• Emulates a few virtual devices in kernel
• Provides ioctls for communications
kvm-intel.ko / kvm-amd.ko
• Provide support for Intel VMX and AMD SVM
qemu-kvm
• Based on QEMU emulator
• Implements most of the virtual devices
• Provides user interface to KVM
46. libvirt
Libvirt
• Provides Open Source API for managing the various hypervisors
• The management tasks include provision, creation, modification, monitoring, control, migration etc
• Various cloud orchestration platforms use libvirt libraries for instantiating the VMs
• Any libvirt client can remotely connect to the libvirt running in a host server
49. KVM Concepts
• KVM converts the Linux Kernel to provide Hypervisor support
• However there is no change introduced in the Linux kernel to provide the Hypervisor support.
• Instead new kernel modules are introduced.
• Linux kernel already does all the process, memory and I/O management for the process running in the host OS
• KVM introduces a new mode called guest mode along with the User Mode and Kernel Mode
51. Intel Hardware Support For Virtualization
Intel Virtualization Support
• For processor virtualization, Intel offers VT-x. VT-x adds the guest mode or ring -1 privilege for KVM
• For memory virtualization, Intel offers the EPT, which translates the virtual address to the machine's physical addresses to improve performance
• For I/O virtualization, Intel implements VT-d and VT-c
52. CPU Virtualization
• Every VM is a normal application process in the host machine.
• The VM process in the host machine can be scheduled to run on the CPU by the host OS (like a normal process).
• However KVM allows the guest code / OS to run directly on the host CPU (although the guest OS / code runs as an application process) using the guest mode execution
• For scheduling, memory management, and other services KVM uses the Linux kernel; however, it helps the user program to make use of the hardware virtualization
55. Virtual Memory Virtualization
• Virtual Memory Virtualization is similar to the Virtual Memory concept.
• In the virtual memory concept the operating system maintains mappings of virtual memory to machine memory using page tables.
• However in a VM environment, virtual memory virtualization involves the mapping from the virtual memory of the guest operating system to the physical memory of the guest operating system, along with the mapping from the physical memory of the guest operating system to the machine memory
• The first mapping will be maintained by the guest OS and the second mapping will be maintained by the hypervisor
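The two mappings described on this slide, as an added example that is not part of the original deck: a toy two-stage lookup where the guest OS owns the first table and the hypervisor owns the second, so a guest that rewrites its own table still cannot reach machine pages the hypervisor never mapped for it. Table sizes, page numbers and all names (vm_t, translate, guest_remap) are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_MASK  ((1u << PAGE_SHIFT) - 1)
#define NPAGES     8             /* entries per table in this toy model */
#define UNMAPPED   UINT32_MAX

typedef struct {
    uint32_t stage1[NPAGES];     /* guest virtual page -> guest physical page (guest OS) */
    uint32_t stage2[NPAGES];     /* guest physical page -> machine page (hypervisor) */
} vm_t;

typedef enum { XL_OK, XL_GUEST_FAULT, XL_HV_FAULT } xl_status_t;

static void vm_init(vm_t *vm)
{
    for (int i = 0; i < NPAGES; i++)
        vm->stage1[i] = vm->stage2[i] = UNMAPPED;
}

/* Walk both mappings; report which layer has to handle a miss. */
static xl_status_t translate(const vm_t *vm, uint32_t gva, uint32_t *machine_addr)
{
    uint32_t vpn = gva >> PAGE_SHIFT;
    if (vpn >= NPAGES || vm->stage1[vpn] == UNMAPPED)
        return XL_GUEST_FAULT;   /* ordinary page fault, handled by the guest OS */

    uint32_t gpn = vm->stage1[vpn];
    if (gpn >= NPAGES || vm->stage2[gpn] == UNMAPPED)
        return XL_HV_FAULT;      /* guest physical page has no machine backing */

    *machine_addr = (vm->stage2[gpn] << PAGE_SHIFT) | (gva & PAGE_MASK);
    return XL_OK;
}

/* The guest OS may rewrite stage 1 freely; it has no handle on stage 2. */
static void guest_remap(vm_t *vm, uint32_t vpn, uint32_t gpn)
{
    if (vpn < NPAGES)
        vm->stage1[vpn] = gpn;
}

/* Constructed sample: both VMs use guest physical page 1, backed by
 * different machine pages (10 and 20), so the same guest address lands
 * in different machine memory. */
static void make_sample_vms(vm_t *a, vm_t *b)
{
    vm_init(a);
    vm_init(b);
    a->stage1[0] = 2;  a->stage1[1] = 1;    /* set up by guest OS A */
    a->stage2[1] = 10; a->stage2[2] = 11;   /* set up by the hypervisor */
    b->stage1[1] = 1;                       /* set up by guest OS B */
    b->stage2[1] = 20;                      /* set up by the hypervisor */
}

int main(void)
{
    vm_t a, b;
    uint32_t ma = 0;
    make_sample_vms(&a, &b);

    if (translate(&a, 0x1234, &ma) == XL_OK)
        printf("VM A gva 0x1234 -> machine 0x%x\n", ma);
    if (translate(&b, 0x1234, &ma) == XL_OK)
        printf("VM B gva 0x1234 -> machine 0x%x\n", ma);

    /* Guest A points a virtual page at machine page number 10 directly.
     * Stage 1 holds guest physical numbers only, so the lookup fails. */
    guest_remap(&a, 3, 10);
    printf("VM A remap to page 10: status %d (XL_HV_FAULT is %d)\n",
           translate(&a, 0x3000, &ma), XL_HV_FAULT);
    return 0;
}
```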
57. KVM Emulated Device Virtualization
• QEMU in user space provides the emulated device which is a software implementation of the hardware.
• The guest VM is not aware that it is an emulated device and interacts with the device
• When there is any I/O operation by the guest VM, the hypervisor intercepts all I/O requests from the guest operating system and emulates the operation of the real I/O hardware
58. KVM Para Device Virtualization / VirtIO
• Para-virtualized devices are software implementations of hardware devices
• Para-virtualization requires that the guest operating system be modified to communicate with the hypervisor.
• It’s a split driver implementation with the front-end driver sitting in the VM and the back-end driver sitting in KVM
• The front-end and back-end drivers communicate through a path that is nothing but virtio
• The front-end driver manages the I/O requests of the guest OSes and the back-end driver is responsible for managing the real I/O devices and multiplexing the I/O data of different VMs
61. vNIC, TUN/TAP Interface
vNIC
• A vNIC is a virtualized Network Interface Card, used by a Virtual Machine as its network interface.
Linux Bridge
• The Linux bridge code implements a subset of the ANSI/IEEE 802.1d standard.
• A bridge can be created inside a system and can be used to provide connectivity across the VMs
TAP Interface
• TAP simulates a link layer device and it operates with layer 2 packets like Ethernet frames. Packets sent by an operating system via a TAP device are delivered to a user-space program which attaches itself to the device
OVS
• Open-source implementation of a distributed virtual multilayer switch.
• Provides a switching stack for hardware virtualization environments
63. User Networking
When?
• When the virtual machine is required to access the host, the internet or resources available on your local network.
• There is no need to access your guest from the network or from another guest.
Procedure
• Simply run the guest without specifying network parameters, which by default will create user-level (a.k.a. slirp) networking
64. Private Virtual Bridge
When?
• When setting up a private network between 2 or more virtual machines.
• This network won't be seen from the other virtual machines nor from the real network.
Procedure
• Create a bridge
• Create a tap device
• Attach the tap device to the bridge
65. Public Bridge
When?
• You want to assign IP addresses to your virtual machines and make them accessible from your local network
Procedure
• Create a bridge
• Create a tap device
• Attach the tap device to the bridge
• Attach the host machine interface to the bridge
66. Routing With IP Tables
When?
• You want to pass through all the traffic from VM to IP tables of Host
Procedure
• Create a bridge
• Create a tap device
• Attach the tap device to the bridge
• Attach the host machine interface to the bridge
69. KVM Installation
Check that your CPU has hardware virtualization support, either Intel VT-x or AMD-V. The following should return a value of 1 or more:
    egrep -c '(svm|vmx)' /proc/cpuinfo
Install KVM, libvirt, the Linux bridge utilities and the GUI based virt-manager:
    sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager
Run the command to add your user account to the libvirt group:
    sudo adduser name libvirtd