Virtualization
Resource Virtualization
• Separating the abstract view of computing resources from the implementation of these resources
• A layer of indirection between abstract view and implementation
− Hides implementation details
− Controls mapping from abstract view to implementation
"any problem in computer science can be
solved with another layer of indirection"
– David Wheeler
Virtual Machines
[Figure: App 1, App 2 and App 3 run on an Operating System on a Virtual Machine (CPU, CPU, Mem); a Layer of Indirection (VMM) sits between it and the Physical Machine (CPU, CPU, Mem, Net).]
Virtual Machines
[Figure: App 1 to App 5 run on two Operating Systems, on Virtual Machine 1 (CPU, CPU, Mem) and Virtual Machine 2 (CPU, Mem, Net); the Virtual Machine Monitor (VMM) sits between them and the Physical Machine (CPU, CPU, Mem, Net).]
Machine Virtualization
• A virtual machine abstracts the computing resources of a physical machine into virtual resources
• End users only see the virtual resources
− Can install their operating systems and run their applications on the virtual machines
• A Virtual Machine Monitor (or Hypervisor) is a software layer that implements the mapping from virtual resources to physical resources
Virtual Machine Monitors
• Strong isolation between virtual machines
• Flexible mapping between virtual resources and physical resources
− Can have more virtual resources than the corresponding physical resources
− Can reallocate physical resources among VMs
• Pause, resume, checkpoint, and migrate virtual machines
Virtual Storage
[Figure: App 1, App 2 and App 3 run on an Operating System on a Machine (CPU, CPU, Mem) with a Virtual Disk; a Storage Virtualization Layer sits between the Virtual Disk and Physical Storage.]
Why Use Virtual Machines?
• Server consolidation
− Traditional IT setup: one machine per application (DBMS, web server, mail server, …)
− Provisioned for peak load. Usually under-utilized
− Instead, can run multiple applications on virtual machines that share the same physical machine
− Save hardware costs and administration/operation costs
Server Consolidation
[Figure: two plots of Resource Requirement against Time, labelled P1 and P2.]
P12 < P1 + P2
• Consolidate onto a single machine
− Easier to manage
− Less total capacity than the original two
− Better utilization than the original two
Consolidation
• Economies of scale
− Cheaper provisioning, administration, power, networking, and cooling
• Users benefit too
− Efficient access to a larger pool of resources with better manageability and fault tolerance
Worldwide spending on servers in 2007: US$200 billion
(30% new servers, 10% power and cooling, 60% administration)
Source: IDC, 2008
Cloud Computing
• Consolidation on massive, shared, hosted computer clusters
Why Use Virtual Machines?
• Improved manageability
− Dynamic provisioning of resources to VMs
− Migration of VMs for load balancing
− Migration of VMs to avoid down time during upgrades
• Isolation between VMs
− Security
− Privacy
− Fault tolerance
Why Use Virtual Machines?
• Application compatibility
− Different environments for different applications
Why Use Virtual Machines?
• Software development and testing
− Multiple environments for development and testing
• Software deployment
− Preconfigured virtual appliances
− Repositories of virtual appliances on the web
Virtual Appliances
http://www.vmware.com/vmtn/appliances
Virtual Appliances
http://virtualappliances.net/downloads/
Why Not Use Virtual Machines?
• Performance penalty
− Indirection through VMM adds overhead
• Hiding details of physical resources
− Some applications make decisions based on assumptions about the physical resources
Basic Approach to Virtualization
[Figure: User Process (user mode) above Kernel (privileged mode) with its Exception Handler, above the Physical Machine (CPU, CPU, Mem, Net). Arrows labelled: syscall/exception, non-privileged access, privileged access, trap.]
Trap-and-Emulate Virtualization
[Figure: User Process (user mode) above Operating System (user mode), above the Virtual Machine Monitor (privileged mode) with its Trap Handler, above the Physical Machine (CPU, CPU, Mem, Net). Arrows labelled: privileged access, trap.]
Trap-and-Emulate Virtualization
• Run VMM in privileged mode
• Run OS in user mode
• Privileged operations by the OS will trap
• Trap handler in VMM emulates these operations as if they were run on the virtual machine
• Non-privileged operations can proceed as before with no intervention from the VMM
Architectural Obstacles
• Some machine architectures are not easy to virtualize
− Notable example: x86
• Not all privileged operations trap when run in user mode
− Example: popf (pop stack into flags)
  Privileged mode: change user and system flags
  User mode: change user flags only, no trap
• Some privileged state is visible in user mode
− Example: Machine status word
• For an architecture like x86, trap-and-emulate alone will not work
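The popf obstacle as a toy model (an added example, not from the original slides). A guest kernel running in user mode tries to disable interrupts; the VMM's copy of the virtual flags stays correct only when the instruction traps. The choice of cli as the trapping instruction, the struct and function names, and the `popf_traps` switch are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

#define FLAG_CF 0x001u  /* user flag (carry) */
#define FLAG_IF 0x200u  /* system flag (interrupt enable) */

enum op { OP_CLI, OP_POPF };

struct vm {                /* hypothetical per-VM state kept by the VMM */
    unsigned hw_flags;     /* real flags register while the guest runs in user mode */
    unsigned virt_flags;   /* flags the VMM maintains for the virtual machine */
    int traps;             /* traps handled so far */
};

/* VMM trap handler: emulate the privileged operation on the virtual state. */
static void vmm_emulate(struct vm *vm, enum op op, unsigned operand) {
    vm->traps++;
    if (op == OP_CLI) vm->virt_flags &= ~FLAG_IF;
    else vm->virt_flags = operand;          /* popf: load the full flags image */
}

/* Execute one guest-kernel instruction in user mode on the toy CPU. */
static void run_guest(struct vm *vm, enum op op, unsigned operand, bool popf_traps) {
    if (op == OP_CLI || popf_traps) {       /* privileged operation traps to the VMM */
        vmm_emulate(vm, op, operand);
        return;
    }
    /* popf in user mode: user flags change, IF is silently kept, no trap */
    vm->hw_flags = (vm->hw_flags & ~FLAG_CF) | (operand & FLAG_CF);
}

/* True if the VMM's virtual IF ends up cleared, as the guest requested. */
static bool guest_disable_interrupts(enum op op, bool popf_traps) {
    struct vm vm = { FLAG_IF, FLAG_IF, 0 };
    run_guest(&vm, op, 0u /* flags image with IF clear */, popf_traps);
    return (vm.virt_flags & FLAG_IF) == 0;
}

int main(void) {
    printf("cli:                  virtual IF cleared = %d\n", guest_disable_interrupts(OP_CLI, false));
    printf("popf (x86 user mode): virtual IF cleared = %d\n", guest_disable_interrupts(OP_POPF, false));
    printf("popf (if it trapped): virtual IF cleared = %d\n", guest_disable_interrupts(OP_POPF, true));
    return 0;
}
```

In the second case the guest believes interrupts are off while the VMM never saw the request, which is why the approaches that follow either rewrite such instructions or replace them with explicit calls into the VMM.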
Virtualization Approaches
• Binary rewriting
− Operating system running in VM is unmodified
− VMM scans Guest OS memory for problematic instructions and rewrites them
− Example: VMware Workstation
• Paravirtualization
− Software interface to VMM is not identical to hardware
− Operating systems need to be ported to run on VMM
− Simpler VMM and faster virtual machines than with trap-and-emulate
− Example: Xen
Hardware Virtualization for x86
• Intel and AMD have both introduced processor extensions to help virtualization (Intel VT, AMD-V)
• Processor is aware of multiple virtual machine contexts (like process control blocks, but for entire operating system)
• New instructions to start/resume a VM
• New privilege level for VMM
• VMM selects which events should trap (vmexit)
− Manipulating interrupt state, interacting with TLB, accessing control registers, …