Unit 2

Service Oriented Architecture
&
REST System of Systems
UNIT - II

Service Oriented Architecture
In grids/web services, Java, and CORBA, an entity is, respectively, a service, a Java object,
and a CORBA distributed object in a variety of languages. These architectures build on the
traditional seven Open Systems Interconnection (OSI) layers that provide the base
networking abstractions.

Layered Architecture for Web Services
and Grids
The entity interfaces correspond to the Web Services Description Language (WSDL), Java
method, and CORBA interface definition language (IDL) specifications in these example
distributed systems. These interfaces are linked with customized, high-level
communication systems: SOAP, RMI, and IIOP in the three examples.

and Grids
These communication systems support features including particular message patterns (such
as Remote Procedure Call or RPC), fault recovery, and specialized routing the features in
the Web Services Reliable Messaging (WSRM)

and Grids
Security is a critical capability that either uses or reemployments the capabilities seen in
concepts such as Internet Protocol Security (IPsec) and secure sockets in the OSI layers.

and Grids
JNDI (Jini and Java Naming and Directory Interface) illustrating different approaches
within the Java distributed object model. The CORBA Trading Service, UDDI (Universal
Description, Discovery, and Integration), LDAP (Lightweight Directory Access Protocol),
and ebXML (Electronic Business using eXtensible Markup Language) are other examples
of discovery and information services described

and Grids

Web Services and Tools
Loose coupling and support of heterogeneous implementations make services more
attractive than distributed objects. corresponds to two choices of service architecture: web
services or REST systems (these are further discussed in . Both web services and REST
systems have very distinct approaches to building reliable interoperable systems. In web
services, one aims to fully specify all aspects of the service and its environment

Web Services and Tools
In CORBA and Java, the distributed entities are linked with RPCs, and the simplest way to
build composite applications is to view the entities as objects and use the traditional ways
of linking them together. For Java, this could be as simple as writing a Java program with
method calls replaced by Remote Method Invocation (RMI), while CORBA supports a
similar model with a syntax reflecting the C++ style of its entity (object) interfaces

The Evolution of SOA
service-oriented architecture (SOA) has evolved over the years. SOA applies to building
grids, clouds, grids of clouds, clouds of grids, clouds of clouds (also known as interclouds),
and systems of systems in general. A large number of sensors provide data-collection
services, denoted in the figure as SS (sensor service). A sensor can be a ZigBee device, a
Bluetooth device, a WiFi access point, a personal computer, a GPA, or a wireless phone,
among other things. Raw data is collected by sensor services.

The Evolution of SOA
The evolution of SOA: grids of clouds and grids, where ―SS‖ refers to a sensor service
and ―fs‖ to a filter or transforming service Most distributed systems require a web
interface or portal. For raw data collected by a large number of sensors to be transformed
into useful information or knowledge, the data stream may go through a sequence of
compute, storage, filter, and discovery clouds. Finally, the inter-service messages converge
at the portal, which is accessed by all users

Grids versus Clouds
The boundary between grids and clouds are getting blurred in recent years. For web
services, workflow technologies are used to coordinate or orchestrate services with certain
specifications used to define critical business process models such as two-phase
transactions

Grids versus Clouds
In general, a grid system applies static resources, while a cloud emphasizes elastic
resources. For some researchers, the differences between grids and clouds are limited only
in dynamic resource allocation based on virtualization and autonomic computing. Thus one
may end up building with a system of systems: such as a cloud of clouds, a grid of clouds,
or a cloud of grids, or inter-clouds as a basic SOA architecture

UNIT - II

REST – In a Nutshell
 REST is about resources and how to represent resources in different ways.
 REST is about client-server communication.
 REST is about how to manipulate resources.
 REST offers a simple, interoperable and flexible way of writing web services that can be
very different from other techniques.
 Comes from Roy Fielding’s Thesis study.

REST is NOT !
 A protocol.
 A standard.
 A replacement for SOAP.

REST
 Representational State Transfer
 Architectural style (technically not a standard)
 Idea: a network of web pages where the client progresses through an application by
selecting links
 When client traverses link, accesses new resource (i.e., transfers state)
 Uses existing standards, e.g., HTTP
 REST is an architecture all about the Client-Server communication.

REST An Architectural Style
 REST is the architecture of the Web as it works today and, so it is already used in the web!
 It is an software architectural model which is used to describe distributed systems like
WWW (World Wide Web).
 It has been developed in parallel with HTTP protocol.

REST THE WEB
 Client requests a specific resource from the server.
 The server responds to that request by delivering the requested
resource.
 Server does not have any information about any client.
 So, there is no difference between the two requests of the same
client.
 A model which the representations of the resources are
transferred between the client and the server.
 The Web as we know is already in this form!

REST Resources
 Resources are just consistent mappings from an identifier
[such as a URL path] to some set of views on server-side
state.
 Every resource must be uniquely addressable via a URI.
 “If one view doesn’t suit your needs, then feel free to create
a different resource that provides a better view. ”
 “These views need not have anything to do with how the
information is stored on the server … They just need to be
understandable (and actionable) by the recipient.”

REST Requests & Responses
 REQUEST
GET /news/ HTTP/1.1
Host: example.org
Accept-Encoding: compress, gzip
User-Agent: Python-httplib2
Here is a GET request to «http://example.org/news/»
Method = GET

 And here is the response…
 RESPONSE
HTTP/1.1 200 Ok
Date: Thu, 07 Aug 2008 15:06:24 GMT
Server: Apache
ETag: "85a1b765e8c01dbf872651d7a5"
Content-Type: text/html
Cache-Control: max-age=3600
<!DOCTYPE HTML>
...

 The request is to a resource identified by a URI (URI = Unified Resource Identifier).
 In this case, the resource is http://example.org/news/»
 Resources, or addressability is very important.
 Every resource is URL-addressable.
 To change system state, simply change a resource.

REST Characteristics
 Resources: Application state and functionality are abstracted into resources.
 URI: Every resource is uniquely addressable using URIs.
 Uniform Interface: All resources share a uniform
interface for the transfer of state between client and resource, consisting of
 Methods: Use only HTTP methods such as GET, PUT, POST, DELETE, HEAD
 Representation
 Protocol (The constraints and the principles)
 Client-Server
 Stateless
 Cacheable
 Layered

HTTP Methods
 GET – safe, idempotent, cacheable
 PUT – idempotent
 POST
 DELETE – idempotent
 HEAD
 OPTIONS

REST was developed in a PhD dissertation by Roy
Fielding, and he calls it an “architectural style.” He
says REST exploits existing technology and
protocols of the Web including HTTP and XML.
REST is similar in function to the Simple Object
Access Protocol (SOAP), but is easier to use. SOAP
requires writing or using a data server program
and a client program (to request the data).
However, SOAP offers more capability.

Representational state transfer (REST) is a
way of getting information content from a
website by reading a designated web page
that contains an XML file that describes and
includes the desired content.

For instance, REST could be used by your cloud
provider to provide updated subscription
information. Every so often, the provider could
prepare a web page that includes content and XML
statements that are described in the code.
Subscribers only need to know the uniform
resource locator (URL) for the page where the XML
file is located, read it with a web browser,
understand the content using XML information,
and display it appropriately.

Clients send a request to the web server for information,
using the same URL. The web site has updated its content,
and uses REST to send the information back to the clients.

A simple REST interaction between user and server in HTTP specification.

REST Resources
Resources An important component in REST is the
existence of resources. Resources are sources of
specific information and each one is referenced by
a global identifier, like a URL in HTTP. To
manipulate these resources, network components
communicate via a standard interface (like HTTP)
and exchange representations of the resources (for
instance, the actual documents conveying the
information).

REST Benefits
• It gives better response time and reduced
server load due to its support for the caching
of representations.
• Server scalability is improved by reducing
the need to maintain session state.
• A single browser can access any
application and any resource, so less client-
side software needs to be written.

REST Benefits
• A separate resource discovery mechanism
is not needed, due to the use of hyperlinks in
representations.
• Better long-term compatibility and
evolvability characteristics exist than in RPC.

REST Benefits
This is due to:
• The ability of documents, like HTML, to
evolve with both forward- and backward-
compatibility.
• Resources can add support for new content
types as they are defined, without
eliminating support for older content types.

REST Benefits
A benefit when using RESTful applications
on the cloud is that REST allows users to
bookmark specific queries and allows those
queries to be sent to others via email or
instant messaging. This “representation” of a
path or entry point into an application
becomes very portable.

Services and Web Services
UNIT - II

The term “web service” is often referred to a
self-contained, self-describing, modular
application designed to be used and accessible
by other software applications across the web.
Once a web service is deployed, other
applications and other web services can
discover and invoke the deployed service

In fact, a web service is one of the most common
instances of an SOA implementation. The W3C
working group defines a web service as a software
system designed to support interoperable machine-
to-machine interaction over a network. According to
this definition, a web service has an interface
described in a machine-executable format
(specifically Web Services Description Language or
WSDL).

A simple web service interaction among provider, user, and the UDDI registry.

Web Services - SOAP
SOAP provides a standard packaging structure for
transmission of XML documents over various
Internet protocols, such as SMTP, HTTP, and FTP. By
having such a standard message format,
heterogeneous middleware systems can achieve
interoperability.

Web Services - SOAP
A SOAP message consists of a root element called
envelope, which contains a header: a container that
can be extended by intermediaries with additional
application-level elements such as routing
information, authentication, transaction
management,
message parsing instructions, and Quality of Service
(QoS) configurations, as well as a body element that
carries the payload of the message.

Web Services - WSDL
WSDL describes the interface, a set of operations
supported by a web service in a standard format. It
standardizes the representation of input and output
parameters of its operations as well as the service’s
protocol binding, the way in which the messages will
be transferred on the wire. Using WSDL enables
disparate clients to automatically understand how to
interact with a web service.

Web Services - UDDI
UDDI provides a global registry for advertising and
discovery of web services, by searching for names,
identifiers, categories, or the specification
implemented by the web service.

Web Services - WS-I Protocol
Stack
Unlike RESTful web services that do not cover QoS
and contractual properties, several optional
specifications have been proposed for SOAP-based
web services to define nonfunctional requirements
and to guarantee a certain level of quality in message
communication as well as reliable, transactional
policies, such as WS-Security, WS-Agreement, WS-
ReliableMessaging, WS-Transaction, and WS-
Coordination

Stack
WS-I protocol stack and its related specifications.

Stack
As mentioned, SOAP messages are encoded using
XML, which requires that all self-described data be
sent as ASCII strings. The description takes the form
of start and end tags which often constitute half or
more of the message’s bytes Transmitting data using
XML leads to a considerable transmission overhead,
increasing the amount of transferred data by a factor
4 to 10 .

Stack
Since SOAP can combine the strengths of XML and
HTTP, as a standard transmission protocol for data, it
is an attractive technology for heterogeneous
distributed computing environments, such as grids
and clouds, to ensure interoperability.

Stack
A SOAP message consists of an envelope used by the
applications to enclose information that need to be
sent. An envelope contains a header and a body
block. The EncodingStyle element refers to the URI
address of an XML schema for encoding elements of
the message. Each element of a SOAP message may
have a different encoding, but unless specified, the
encoding of the whole message is as defined in the
XML schema of the root element.

Web Services – SOAP Request
Response

Web Services – Core WS -
Specification

Publish – Subscribe Model
UNIT - II

Publish – Subscribe Model
Publish - Subscribe is an asynchronous messaging
service that decouples services that produce events
from services that process events.
You can use Publish - Subscribe as messaging-
oriented middleware or event ingestion and delivery
for streaming analytics pipelines.

Publish – Subscribe Model -
Core concepts
Topic: A named resource to which messages are sent
by publishers.
Subscription: A named resource representing the
stream of messages from a single, specific topic, to be
delivered to the subscribing application. For more
details about subscriptions and message delivery
semantics.

Publish – Subscribe Model -
Core concepts
Message: The combination of data and (optional)
attributes that a publisher sends to a topic and is
eventually delivered to subscribers.
Message attribute: A key-value pair that a publisher
can define for a message. For example,
key iana.org/language_tag and value en could be
added to messages to mark them as readable by an
English-speaking subscriber.

Publisher-subscriber
relationships
A publisher application creates and sends messages to
a topic. Subscriber applications create
a subscription to a topic to receive messages from it.
Communication can be one-to-many (fan-out),
many-to-one (fan-in), and many-to-many.

Publisher-subscriber
relationships

Publish - Subscriber message
flow
A publisher application creates a topic in the Publish
- Subscribe service and sends messages to the topic. A
message contains a payload and optional attributes
that describe the payload content.
The service ensures that published messages are
retained on behalf of subscriptions. A published
message is retained for a subscription until it is
acknowledged by any subscriber consuming
messages from that subscription.

flow
Publish - Subscribe forwards messages from a topic to all of
its subscriptions, individually.
A subscriber receives messages either by Publish -
Subscribe pushing them to the subscriber's chosen endpoint,
or by the subscriber pulling them from the service.
The subscriber sends an acknowledgement to the Publish -
Subscribe service for each received message.
The service removes acknowledged messages from the
subscription's message queue.

flow

Publisher and subscriber
endpoints
Publishers can be any application that can make HTTPS
requests to pubsub.googleapis.com: an App Engine app, a
web service hosted on Google Compute Engine or any
other third-party network, an app installed on a desktop
or mobile device, or even a browser.
Pull subscribers can also be any application that can
make HTTPS requests to pubsub.googleapis.com.
Push subscribers must be Webhook endpoints that can
accept POST requests over HTTPS.

Publisher and subscriber
endpoints

Publish-Subscriber integrations

Common use cases
Balancing workloads in network clusters. For example, a
large queue of tasks can be efficiently distributed among
multiple workers, such as Google Compute Engine
instances.
Implementing asynchronous workflows. For example, an
order processing application can place an order on a
topic, from which it can be processed by one or more
workers.
Distributing event notifications. For example, a service
that accepts user signups can send notifications
whenever a new user registers, and downstream services
can subscribe to receive notifications of the event.

Common use cases
Refreshing distributed caches. For example, an
application can publish invalidation events to update
the IDs of objects that have changed.
Logging to multiple systems. For example, a Google
Compute Engine instance can write logs to the
monitoring system, to a database for later querying,
and so on.

Common use cases
Data streaming from various processes or devices. For
example, a residential sensor can stream data to
backend servers hosted in the cloud.
Reliability improvement. For example, a single-zone
Compute Engine service can operate in additional
zones by subscribing to a common topic, to recover
from failures in a zone or region.

Virtualization
Virtualization technology is one of the
fundamental components of cloud computing,
especially in regard to infrastructure-based
services. Virtualization allows the creation of a
secure, customizable, and isolated execution
environment for running applications ,even if they
are un trusted ,without affecting other users’
applications.

Virtualization
Virtualization is a large umbrella of technologies
and concepts that are meant to provide an abstract
environment—whether virtual hardware or an
operating system—to run applications. The term
virtualization is often synonymous with hardware
virtualization, which plays a fundamental role in
efficiently delivering Infrastructure-as-a-Service
(IaaS) solutions for cloud computing.

Virtualization
virtualization has been sporadically explored and
adopted, but in the last few years there has been a
consistent and growing trend to leverage this
technology. Virtualization technologies have
gained renewed interested recently due to the
confluence of several phenomena:

Virtualization
Virtualization Technologies Phenomena:
•Increased performance and computing capacity
•Underutilized hardware and software resources.
•Lack of space.
•Greening initiatives.
•Rise of administrative costs.

Virtualization
•Increased performance and computing capacity
The average end-user desktop PC is powerful
enough to meet almost all the needs of everyday
computing, with extra capacity that is rarely
used. Almost all these PCs have resources
enough to host a virtual machine manager and
execute a virtual machine with by far
acceptable performance.

Virtualization
•Underutilized hardware and software resources.
Hardware and software underutilization is
occurring due to (1) increased performance
and computing capacity, and (2) the effect of
limited or sporadic use of resources. Computers
today are so powerful that in most cases only a
fraction of their capacity is used by an
application or the system.

Virtualization
•Lack of space.
The continuous need for additional capacity,
whether storage or compute power, makes data
centers grow quickly.

Virtualization
•Greening initiatives.
Reducing the number of servers through server
consolidation will definitely reduce the impact
of cooling and power consumption of a data
center. Virtualization technologies can provide
an efficient way of consolidating servers.

Virtualization
•Rise of administrative costs.
Common system administration tasks
include hardware monitoring, defective
hardware replacement, server setup and
updates, server resources monitoring, and
backups.

Characteristics of virtualized
environments
Virtualization is a broad concept that refers to the
creation of a virtual version of something, whether
hardware, a software environment, storage, or a
network. In a virtualized environment there are
three major components:
guest, host, and virtualization layer

environments
The virtualization reference model.

environments
Increased security
The ability to control the execution of a guest in a
completely transparent manner opens new
possibilities for delivering a secure, controlled
execution environment. The virtual machine
represents an emulated environment in which the
guest is executed. All the operations of the guest are
generally performed against the virtual machine,
which then translates and applies them to the host.

environments
Increased security
Increased security is a requirement when dealing
with un trusted code. For example, applets
downloaded from the Internet run in as and boxed
version of the Java Virtual Machine(JVM),

environments
Managed execution
Virtualization of the execution environment not
only allows increased security, but a wider range of
features also can be implemented. In particular,
sharing, aggregation, emulation, and isolation are
the most relevant features

environments
Managed execution
Functions enabled by managed execution.

environments
Aggregation
Not only is it possible to share physical resource among
several guests, but virtualization also allows aggregation,
which is the opposite process. A group of separate hosts can
be tied together and represented to guest as a single virtual
host. This function is naturally implemented in middleware
for distributed computing, with a classical example
represented by cluster management software, which
harnesses the physical resources of a homogeneous group of
machines and represents them as a single resource.
Managed execution

environments
Emulation
Guest programs are executed with in an environment that is
controlled by the virtualization layer, which ultimately is a
program. This allows for controlling and tuning the
environment that is exposed to guests. For instance, a
completely different environment with respect to the host
can be emulated, thus allowing the execution of guest
programs requiring specific characteristics that are not
present in the physical host.
Managed execution

environments
Isolation
Virtualization allows providing guests whether they are
operating systems, applications, or other entities with a
completely separate environment, in which they are
executed. The guest program performs its activity by
interacting with an abstraction layer, which provides access
to the underlying resources.
Managed execution

environments
The concept of portability applies in different ways
according to the specific type of virtualization considered.
In the case of a hardware virtualization solution, the guest is
packaged into a virtual image that, in most cases, can be
safely moved and executed on top of different virtual
machines. Except for the file size, this happens with the
same simplicity with which we can display a picture image
in different computers. Virtual images are generally
proprietary formats that require a specific virtual machine
manager to be executed.
Portability

Types of Virtualization
1. Hardware Virtualization.
2. Operating system
Virtualization.
3. Server Virtualization.
4. Storage Virtualization.

1. Hardware Virtualization
• When the virtual machine software or virtual machine manager (VMM) is directly
installed on the hardware system is known as hardware virtualization.
• The main job of hypervisor is to control and monitoring the processor, memory and other
hardware resources.
Usage:
• Hardware virtualization is mainly done for the server platforms, because controlling virtual
machines is much easier than controlling a physical server.

2. Operating System Virtualization
• When the virtual machine software or virtual machine manager (VMM) is installed
on the Host operating system instead of directly on the hardware system is known
as operating system virtualization.
Usage:
• Operating System Virtualization is mainly used for testing the applications on different
platforms of OS.

Virtual Operating system
Architecture
Traditional Operatingsystem
Architecture

3. Server Virtualization:
• When the virtual machine software or virtual machine manager (VMM) is directly
installed on the Server system is known as server virtualization.
Usage:
• Server virtualization is done because a single physical server can be divided into
multiple servers on the demand basis and for balancing the load.

4. Storage Virtualization
• Storage virtualization is the process of grouping the physical storage from multiple
network storage devices so that it looks like a single storage device.
• Storage virtualization is also implemented by using software applications.
Usage:
• Storage virtualization is mainly done for back-up and recovery purposes.

Cloud vs Virtualization
• Cloud computer is internet based computing where virtual shared provide Software,
Infrastructure, platform.
• Virtualized
• API
• Pay-as-per-use
• Scalability
Virtualization can exist without the cloud but cloud computing cannot exist without
virtualization.

Advantages of Virtualization
1. Reduced Costs.
2. Efficient hardware Utilization.
3. Virtualization leads to better resource Utilization and increase performance
4. Testing for software development.
5. IncreaseAvailability
6. Save energy
7. Shifting all your Local Infrastructure to Cloud in a day
8. Possibility to Divide Services
9. Running application not supported by the host.

Virtualization Structures
( Tool and Mechanism)
UNIT - 2

Definition
In general, there are three typical classes of VM architecture the
architectures of a machine before and after virtualization. Before
virtualization, the operating system manages the hardware. After
virtualization, a virtualization layer is inserted between the
hardware and the operating system.

Definition
Therefore, different operating systems such as Linux and Windows
can run on the same physical machine, simultaneously. Depending
on the position of the virtualization layer, there are several classes
of VM architectures, namely the hypervisor architecture, para-
virtualization, and host-based virtualization. The hypervisor is also
known as the VMM (Virtual Machine Monitor). They both perform
the same virtualization operations.

Hypervisor and Xen Architecture
The hypervisor supports hardware-level virtualization on bare metal devices
like CPU, memory, disk and network interfaces. The hypervisor software sits
directly between the physical hardware and its OS. This virtualization layer
is referred to as either the VMM or the hypervisor. The hypervisor provides
hypercalls for the guest OSes and applications.

Hypervisor and Xen Architecture
Depending on the functionality, a hypervisor can assume a micro-
kernel architecture like the Microsoft Hyper-V. Or it can assume a
monolithic hypervisor architecture like the VMware ESX for server
virtualization.

The Xen Architecture
Xen is an open source hypervisor program developed by
Cambridge University. Xen is a microkernel hypervisor, which
separates the policy from the mechanism. The Xen hypervisor
implements all the mechanisms, leaving the policy to be handled
by Domain 0, as shown in Xen does not include any device drivers
natively It just provides a mechanism by which a guest OS can
have direct access to the physical devices. As a result, the size of the
Xen hypervisor is kept rather small. Xen provides a virtual
environment located between the hardware and the OS.

The Xen architecture’s special domain 0 for control and I/O, and several guest
domains for user applications.

The core components of a Xen system are the hypervisor, kernel,
and applications. The organization of the three components is
important. Like other virtualization systems, many guest OSes can
run on top of the hypervisor.

Binary Translation with Full Virtualization
Depending on implementation technologies, hardware virtualization can
be classified into two categories:
full virtualization and host-based virtualization.
Full virtualization does not need to modify the host OS. It relies on
binary translation to trap and to virtualized the execution of certain
sensitive, non virtualizable instructions. The guest OSes and their
applications consist of noncritical and critical instructions.
In a host-based system, both a host OS and a guest OS are used. A
virtualization software layer is built between the host OS and guest OS.

With full virtualization, noncritical instructions run on the
hardware directly while critical instructions are discovered
and replaced with traps into the VMM to be emulated by
software. Both the hypervisor and VMM approaches are
considered full virtualization. Noncritical instructions do not
control hardware or threaten the security of the system, but
critical instructions do. Therefore, running noncritical
instructions on hardware not only can promote efficiency,
but also can ensure system security
FullVirtualization

An alternative VM architecture is to install a
virtualization layer on top of the host OS. This host OS is
still responsible for managing the hardware. The guest
OSes are installed and run on top of the virtualization
layer. Dedicated applications may run on the VMs.
Certainly, some other applications can also run with the
host OS directly.
Host-BasedVirtualization

This hostbased architecture has some distinct advantages, as
enumerated next.
First, the user can install this VM architecture without modifying
the host OS. The virtualizing software can rely on the host OS to
provide device drivers and other low-level services. This will
simplify the VM design and ease its deployment.
Second, the host-based approach appeals to many host machine
configurations. Compared to the hypervisor/VMM architecture, the
performance of the host-based architecture may also be low. When
an application requests hardware access, it involves four layers of
mapping which downgrades performance significantly.

Indirect execution of complex instructions via binary translation of guest OS requests
using the VMM plus direct execution of simple instructions on the same host

Para-Virtualization with Compiler Support
Para-virtualization needs to modify the guest operating systems.
A para-virtualized VM provides special APIs requiring
substantial OS modifications in user applications. Performance
degradation is a critical issue of a virtualized system. No one
wants to use a VM if it is much slower than using a physical
machine. The virtualization layer can be inserted at different
positions in a machine software stack. However, para-
virtualization attempts to reduce the virtualization overhead, and
thus improve performance by modifying only the guest OS
kernel.

Para-Virtualization Architecture
When the x86 processor is virtualized, a virtualization layer is
inserted between the hardware and the OS. According to the x86
ring definition, the virtualization layer should also be installed at
Ring 0. Different instructions at Ring 0 may cause some
problems.

Para-virtualized VM architecture, which involves modifying the guest OS
kernel to replace nonvirtualizable instructions with hypercalls for the
hypervisor or the VMM to carry out the virtualization process

The use of a para-virtualized guest OS assisted by
an intelligent compiler to replace nonvirtualizable OS
instructions by hypercalls.

Although para-virtualization reduces the overhead, it has
incurred other problems.
First, its compatibility and portability may be in doubt,
because it must support the unmodified OS as well.
Second, the cost of maintaining para-virtualized OSes is
high, because they may require deep OS kernel modifications.
Finally, the performance advantage of para-virtualization
varies greatly due to workload variations.

The KVM does the rest, which makes it simpler than the
hypervisor that controls the entire machine. KVM is a
hardware-assisted para-virtualization tool, which improves
performance and supports unmodified guest OSes such as
Windows, Linux, Solaris, and other UNIX variants.
KVM (Kernel-Based VM)

Unlike the full virtualization architecture which intercepts and
emulates privileged and sensitive instructions at runtime, para-
virtualization handles these instructions at compile time. The guest
OS kernel is modified to replace the privileged and sensitive
instructions with hypercalls to the hypervisor or VMM. Xen
assumes such a para-virtualization architecture.
The guest OS running in a guest domain may run at Ring 1 instead
of at Ring 0. This implies that the guest OS may not be able to
execute some privileged and sensitive instructions. The privileged
instructions are implemented by hypercalls to the hypervisor. After
replacing the instructions with hypercalls, the modified guest OS
emulates the behavior of the original guest OS.

The VMware ESX server architecture using para-virtualization.

Virtualization Support and
Disaster Recovery
UNIT - 2

VIRTUALIZATION OF
CPU, MEMORY, AND I/O
DEVICES
UNIT - 2

Brief
To support virtualization, processors such as the x86 employ a special running mode and
instructions, known as hardware-assisted virtualization. In this way, the VMM and guest
OS run in different modes and all sensitive instructions of the guest OS and its applications
are trapped in the VMM.

Structure
Virtualization
Hardware
Support
Virtualization
CPU
Virtualization
Memory
Virtualization
I/O
Virtualization
Virtualization in
Multi-Core
Processor

Hardware Support for Virtualization
Modern operating systems and processors permit multiple processes to run simultaneously.
If there is no protection mechanism in a processor, all instructions from different processes
will access the hardware directly and cause a system crash. Therefore, all processors have
at least two modes, user mode and supervisor mode, to ensure controlled access of critical
hardware.

Instructions running in supervisor mode are called privileged instructions. Other
instructions are unprivileged instructions. In a virtualized environment, it is more difficult
to make OSes and applications run correctly because there are more layers in the machine
stack.

Intel hardware support for virtualization of processor, memory, and I/O devices.
Virtualization Technology Extensions (VT-x) , (VT-i)-Virtualization Technology for
Itanium Processors
Extended Page Tables (EPT), (VT-c) - Virtualization Technology for Connectivity, d-
Compatibility and Reliability

CPU Virtualization
A CPU architecture is virtualizable if it supports the ability to run the VM’s privileged and
unprivileged instructions in the CPU’s user mode while the VMM runs in supervisor mode.
When the privileged instructions including control- and behavior-sensitive instructions of a
VM are executed, they are trapped in the VMM.

CPU Virtualization
The critical instructions are divided into three categories: privileged instructions, control
sensitive instructions, and behavior-sensitive instructions.
 Privileged instructions execute in a privileged mode and will be trapped if executed outside this
mode.
 Control-sensitive instructions attempt to change the configuration of resources used.
 Behavior-sensitive instructions have different behaviors depending on the configuration of
resources, including the load and store operations over the virtual memory.

CPU Virtualization
A CPU architecture is virtualizable if it supports the ability to run the VM’s privileged and
unprivileged instructions in the CPU’s user mode while the VMM runs in supervisor mode.
When the privileged instructions including control- and behavior-sensitive instructions of a
VM are executed, they are trapped in the VMM.
In this case, the VMM acts as a unified mediator for hardware access from different VMs
to guarantee the correctness and stability of the whole system.
However,not all CPU architectures are virtualizable.

CPU Virtualization
This technique attempts to simplify virtualization because full or
para virtualization is complicated.
Intel and AMD add an additional Therefore, operating systems can
still run at Ring 0 and the hypervisor can run at Ring -1.
All the privileged and sensitive instructions are trapped in the
hypervisor automatically.
This technique removes the difficulty of implementing binary
translation of full virtualization. It also lets the operating system run
in VMs without modification mode called privilege mode level
Hardware-Assisted CPU Virtualization

CPU Virtualization
Intel hardware-assisted CPU virtualization.

Memory Virtualization
Virtual memory virtualization is similar to the virtual memory support provided by modern
operating systems. In a traditional execution environment, the operating system maintains
mappings of virtual memory to machine memory using page tables, which is a one-stage
mapping from virtual memory to machine memory.

All modern x86 CPUs include a memory management unit (MMU) and a translation look
aside buffer (TLB) to optimize virtual memory performance. However, in a virtual
execution environment, virtual memory virtualization involves sharing the physical system
memory in RAM and dynamically allocating it to the physical memory of the VMs.

That means a two-stage mapping process should be maintained by the guest OS and the
VMM, respectively: virtual memory to physical memory and physical memory to machine
memory.
Furthermore, MMU virtualization should be supported, which is transparent to the guest
OS. The guest OS continues to control the mapping of virtual addresses to the physical
memory addresses of VMs.

Two-level memory mapping procedure

Two-level memory mapping procedure
Memory virtualization using EPT by Intel

I/O Virtualization
I/O virtualization involves managing the routing of I/O requests between virtual devices
and the shared physical hardware. At the time of this writing, there are three ways to
implement I/O virtualization:
 Full device emulation,
 Para-virtualization, and
 Direct I/O.

I/O Virtualization
FULL DEVICE EMULATION,
Full device emulation is the first approach for I/O virtualization.
Generally, this approach emulates well-known, real-world devices.
All the functions of a device or bus infrastructure, such as device
enumeration, identification, interrupts, and DMA, are replicated in
software. This software is located in the VMM and acts as a virtual
device. The I/O access requests of the guest OS are trapped in the
VMM which interacts with the I/O devices

I/O Virtualization
THE PARA-VIRTUALIZATION
It’s a method of I/O virtualization is typically used in Xen. It is also known as the split
driver model consisting of a frontend driver and a backend driver. The frontend driver is
running in Domain U and the backend driver is running in Domain 0. They interact with
each other via a block of shared memory. The frontend driver manages the I/O requests of
the guest OSes and the backend driver is responsible for managing the real I/O devices and
multiplexing the I/O data of different VMs.

I/O Virtualization
DIRECT I/O VIRTUALIZATION
lets the VM access devices directly. It can achieve close-to-native performance without
high CPU costs. However, current direct I/O virtualization implementations focus on
networking for mainframes. There are a lot of challenges for commodity hardware devices.
For example, when a physical device is reclaimed (required by workload migration) for
later reassignment, it may have been set to an arbitrary state (e.g., DMA to some arbitrary
memory locations) that can function incorrectly or even crash the whole system.

I/O Virtualization
Functional blocks involved in sending and receiving
network packets.

Virtualization in Multi-Core Processors
Virtualizing a multi-core processor is relatively more complicated than virtualizing a uni-
core processor. Though multicore processors are claimed to have higher performance by
integrating multiple processor cores in a single chip, muti-core virtualiuzation has raised
some new challenges to computer architects, compiler constructors, system designers, and
application programmers.

Virtualization in Multi-Core Processors
There are mainly two difficulties:
Application programs must be parallelized to use all cores fully, and
software must explicitly assign tasks to the cores, which is a very complex
problem.
Concerning the first challenge, new programming models, languages, and
libraries are needed to make parallel programming easier.
The second challenge has spawned research involving scheduling
algorithms and resource management policies. Yet these efforts cannot
balance well among performance, complexity, and other issues.

Brief
One very distinguishing feature of cloud computing infrastructure is the use of system
virtualization and the modification to provisioning tools. Virtualization of servers on a
shared cluster can consolidate web services. As the VMs are the containers of cloud
services, the provisioning tools will first find the corresponding physical machines and
deploy the VMs to those nodes before scheduling the service to run on the virtual nodes.

Brief
In addition, in cloud computing, virtualization also means the resources and fundamental
infrastructure are virtualized. The user will not care about the computing resources that are
used for providing the services. Cloud users do not need to know and have no way to
discover physical resources that are involved while processing a service request. Also,
application developers do not care about some infrastructure issues such as scalability and
fault tolerance (i.e., they are virtualized).

Hardware Virtualization
In many cloud computing systems, virtualization software is used to virtualize the
hardware. System virtualization software is a special kind of software which simulates
the execution of hardware and runs even unmodified operating systems

Cloud computing systems use virtualization software as the running environment for
legacy software such as old operating systems and unusual applications. Virtualization
software is also used as the platform for developing new cloud applications that enable
developers to use any operating systems and programming environments they like. The
development environment and deployment environment can now be the same, which
eliminates some runtime problems.

Virtualize
d servers,
storage,
and
network
for cloud
platform
constructi
on.

Virtualization Support in Public Clouds
The VMware tools apply to workstations, servers, and
virtual infrastructure. The Microsoft tools are used on
PCs and some special servers. The XenEnterprise tool
applies only to Xen-based servers. Everyone is
interested in the cloud; the entire IT industry is
moving toward the vision of the cloud. Virtualization
leads to HA, disaster recovery, dynamic load leveling,
and rich provisioning support. Both cloud computing
and utility computing leverage the benefits of
virtualization to provide a scalable and autonomous
computing environment.

Virtualization Support in Public Clouds
Recovery
overhead
of a
conventio
nal
disaster
recovery
scheme,
compared
with that
required
to recover
from
live
migration
ofVMs.

Storage Virtualization for Green Data
Centers
IT power consumption in the United States has more
than doubled to 3 percent of the total energy
consumed in the country. The large number of data
centers in the country has contributed to this energy
crisis to a great extent. More than half of the
companies in the Fortune 500 are actively
implementing new corporate energy policies. Recent
surveys from both IDC and Gartner confirm the fact
that virtualization had a great impact on cost
reduction from reduced power consumption in
physical computing systems.

Virtualization for IaaS
VM technology has increased in ubiquity. This has enabled users to
create customized environments atop physical infrastructure for
cloud computing. Use of VMs in clouds has the following distinct
benefits:
(1) System administrators consolidate workloads of underutilized
servers in fewer servers;
(2) VMs have the ability to run legacy code without interfering with
other APIs;
(3) VMs can be used to improve security through creation of
sandboxes for running applications with questionable reliability; And
(4) virtualized cloud platforms can apply performance isolation,
letting providers offer some guarantees and better QoS to customer
applications.

VM Cloning for Disaster Recovery
VM technology requires an advanced disaster recovery scheme.
One scheme is to recover one physical machine by another
physical machine. The second scheme is to recover one VM by
Another traditional disaster recovery from one physical
machine to another is rather slow, complex, and expensive.
Total recovery time is attributed to the hardware configuration,
installing and configuring the OS, installing the backup agents,
and the long time to restart the physical machine. To recover a
VM platform, the installation and configuration times for the
OS and backup agents are eliminated. Therefore, we end up
with a much shorter disaster recovery time, about 40 percent of
that to recover the physical machines. Virtualization aids in fast
disaster recovery by VM encapsulation.

VM Cloning for Disaster Recovery
The migrated VM can run on a shared Internet connection.
Only updated data and modified states are sent to the
suspended VM to update its state. The Recovery Property
Objective (RPO) and Recovery Time Objective (RTO) are
affected by the number of snapshots taken. Security of the VMs
should be enforced during live migration of VMs.

Unit 2

Recommended

Recommended

More Related Content

What's hot

What's hot (18)

Similar to Unit 2

Similar to Unit 2 (20)

Recently uploaded

Recently uploaded (20)

Unit 2