DevOps
Virtualization
Michael L. Collard, Ph.D.
Department of Computer Science, The University of Akron
Running non-native Instruction Sets
- emulator
- Reproduction of the function or action of a different computer, software system, etc.
- Replicates the original guest instruction set
-
E.g., Android emulator
- simulator
- Models the original guest instruction set
- realistic imitation
- E.g., flight simulator
- E.g., iPhone simulator
Tradeoffs
| simulator | emulator | |
| speed | fast | slow |
| behavior | approximation | accurate (except for response) |
Platform Virtualization
- Hide the physical characteristics of computer resources from the applications
- Not a new idea: IBM’s CP-40 1967, CP/CMS, VM
- Full Virtualization
- Simulate enough hardware so that an unmodified guest operating system can run
- Provides a full “virtual machine”
- Scenarios:
- Run Linux in a virtual machine on Windows
- Run multiple logical servers (each with a separate virtual machine) on a single physical server
Virtual Machine Monitors (VMMs)
Challenges of Running a VMM
Popek & Goldberg
- Formal Requirements for Virtualizable Third Generation Architectures - Popek & Goldberg, Communications of the ACM, July 1974 https://doi.org/10.1145/361011.361073
- Virtual Machine
- capable of virtualizing all hardware resources, processors, memory, storage, and peripherals
- Virtual Machine Monitor (VMM)
- provides virtual machine abstraction
- Also referred to as a hypervisor
Popek & Goldberg VMM Properties
- Equivalence
- Program running under a VMM should exhibit a behavior identical to that of running on the equivalent machine
- Resource Control
- VMM is in full control of virtualized resources
- Efficiency
- A statistically dominant fraction of machine instructions may be executed without VMM intervention
Popek & Goldberg: Instruction Characteristics
- Privileged instructions
- those that trap in user mode and only run in system mode
- Control-sensitive instructions
- those that change the resource configuration of the system
- Behavior-sensitive instructions
- behavior or results depend on the configuration of resources
Theorem 1: Virtualization
Can construct a VMM if the set of control-sensitive instructions is a subset of the privileged instructions
- All control-sensitive instructions always trap and pass control to the VMM
- Guarantees resource control property
- Non-privileged instructions must be executed natively
Theorem 2: Recursive Virtualization
A VMM can run on a copy of itself
- For an architecture, this is possible if:
- The architecture is virtualizable
- A VMM without timing dependencies can be built
Non-Virtualizable Machines
- VMMs (under Popek & Goldberg's definition) are not possible on non-virtualizable machines
- Workarounds:
- patching – critical instructions removed and replaced with a trap to VMM
- paravirtualization – guest o.s. is modified (e.g., IBM VM)
x86 Virtualization
- x86
- Pre 2005:
- x86 processor architecture did not meet Popek & Goldberg virtualization requirements
- Instructions that can access resources with a trap
- Intel VT (Virtual Technology) (IVT)
- IA-32, IA-64, Directed I/O, DMA & interrupt
- Solution: Add instructions that allow the host to trap resource instructions remapping, Connectivity
- AMD-V (Pacifica)
- AMD Athlon 64, Turion, Opteron
Virtualization: Isolation
Virtualization: Consolidation
Virtualization: Migration
Usages
- Legacy software support – Consolidation
- Training/QA – Consolidation
- Activity Partitioning – Isolation
- Administration – Consolidation, Isolation, Migration
- Failover Infrastructure - Migration
Questions about a VMM
- What host OS can it run? Does it need a host OS?
- What OS does it allow as a guest?
- Can it support a VM even if the instructions are not on the physical CPU, e.g., IA-64 VM on an IA-32 machine?
- How much are the resources shared between guest OSs?
- What tools does it provide for managing VMs?
VMWare
- Desktop – runs in a host OS
- VMWare Workstation (1999) – runs on PC
- VMWare Fusion – runs on Mac OS X
- VMWare Player – run, but not create images
- Server
- VMWare Server (GSX Server) –hosted on Linux or Windows
- VMWare ESX (ESX Server) – no host OS
- VMWare ESXi (ESX 3i) – freeware (July 2008)
VMWare ESX
- Part of VMWare Infrastructure
- Runs “bare-metal”, i.e., has its own vmkernel, with near-native performance
- Guest/Host CPU: x86 (ESXi only), x86-64, AMD
- Guest OS: Windows, Linux
- Management capabilities:
- Move VM between servers on the fly
- Move VM based on host/VM load requirements/demands
Microsoft Hyper-V
- Viridian, Windows Server Virtualization
- Host CPU: x64 + IVT or AMD-V
- VMM runs directly on the hardware; however, it requires one parent partition of the Windows Server
- Parent manages child VMs
- Guest OS: Windows, Linux
- Enlightened I/O: direct access for enabled guests
VirtualBox
- Free and open-source hypervisor
- Host: Windows, macOS, Linux, Solaris, and OpenSolaris
- Guest: Windows, Linux, BSD, OS/2, Solaris, Haiku, and macOS (on macOS host)
Other
- Xen
- free software
- runs native but with the required dom0 OS (Linux, NetBSD, Solaris), which starts other VMs
- UML (User Mode Linux)
- free software
- Run Linux in Linux
- Support integrated into Linux kernel
Virtualization-Specific Challenges
- Performance Overheads
- Resource Contention
- CPU, memory, I/O
- I/O Performance
- Management Complexity
- Scaling
- Automation
- Security
Summary
- Virtualization is an old approach, but updated software techniques and hardware support made it more visible
- The mainstream of system administration
- More movement into containers and away from dealing directly with the VM