Virtualization

1 Huawei Confidential
 Foreword

⚫ Virtualization is the foundation of cloud computing, so what is virtualization? What is

the essence of virtualization? What are mainstream virtualization technologies? This
course will answer these questions and give you a brief introduction to virtualization.

2 Huawei Confidential
 Objectives

⚫ Upon completion of this course, you will be able to:

 Describe the essence and value of virtualization.
 Understand some of the mainstream virtualization technologies.
 Grasp basic principles of mainstream virtualization technologies.

3 Huawei Confidential
 Contents

Overview
◼ Virtualization
◼ Mainstream Virtualization Technologies

4 Huawei Confidential
 What Is Virtualization?
⚫ Virtualization has a wide range of meanings. Any time you abstract resources from one form into another, that is virtualization, the
creation of a logical representation of resources. Virtualization is an abstract layer that removes the tight coupling between
physical hardware and operating systems (OSs).
Before virtualization After virtualization

App App App App App App App App App

Windows Linux Linux Win Linux Win Linux Win Linux

Virtualized

Resource
pooling
Virtualization Virtualization Virtualization
layer layer layer

⚫ IT resources are independent.

⚫ Resources are virtualized to a shared resource pool.
⚫ OSs must be tightly coupled with hardware.
⚫ OSs are decoupled from hardware and resources are
allocated to the OSs from the resource pool.
5 Huawei Confidential
Important Concepts of Virtualization

Guest OS
Physical server Virtual machine (VM)
VM OS
App App
Guest Machine

OS VM
Guest OS
Hypervisor
VM Virtualization software layer or virtual machine monitor
Guest machine
(VMM)

OS VMM Host OS
Host OS Hypervisor
OS running on a physical machine (PM)
Hardware Hardware
Host machine Host Machine
Host machine
PM

6 Huawei Confidential
Virtualization History
Kernel-based
Virtual Machine
POWERparallel (KVM)
system Advanced Power Kubernetes V1.0,
VMware
Virtualization opening the
Workstation Xen 3.0.0
(APV), a cloud native era
virtualization
solution

Bochs, an x86
emulator

1993 1998 1999 2004 2005 2006 2015

7 Huawei Confidential
Virtualization Types

Type Description

The VMM virtualizes the CPU, memory, and device input/output (I/O) without
Full virtualization modifying the guest OS and hardware. Full virtualization gives you excellent
compatibility, but increases the load on the CPU of the host machine.

The VMM virtualizes CPU and memory and the guest OS virtualizes device I/O. The
Paravirtualization guest OS needs to be modified to coordinate with the VMM. Paravirtualization
provides high performance but poor compatibility.

Efficient full virtualization is realized with the help of hardware. Compatibility is good,
Hardware-assisted
and guest OSs do not need to be modified. This type of virtualization has been slowly
virtualization
eliminating differences between different software virtualization.

8 Huawei Confidential
Virtualization Characteristics
Partitioning Isolation

×
VM VM VM VM VM VM VM VM

Multiple VMs can concurrently run VMs running on the same physical server
on the same physical server. are isolated from each other.

Encapsulation Hardware Independence

VM VM VM VM VM VM VM

The VM operating environment is encapsulated

into an independent file. Users can migrate VMs by VMs can run on any server. No modifications are
moving files. needed.

9 Huawei Confidential
Advantages of Virtualization
Physical server Virtual server
VM VM

App App
App
OS OS

OS
Virtualization layer – Hypervisor
Physical server
Physical server

⚫ OSs are bound to physical servers. ⚫ OSs are decoupled from physical servers.
⚫ Migration is difficult and stability unreliable. ⚫ Migration, scaling, and integration are all easy.
⚫ Scaling is hard and resource utilization low. ⚫ Standard virtual hardware consists of a series of files, so security is
⚫ Servers take up a lot of space and need to be housed and less work.
maintained.

10 Huawei Confidential
CPU Virtualization
User
instructions
Ring 3 App
User
instructions
Ring 3 App Ring 3 App Non- Ring 2
root
mode Ring 1

Translation
Ring 2

Emulation
Ring 2

Trap
Ring 1 Ring 1 Guest OS Ring 0 Guest OS

Ring 0 OS (kernel) Ring 0 VMM Root mode VMM

x86 architecture x86 architecture x86 architecture

Full virtualization based on Hardware-assisted

No virtualization virtualization
binary translation

11 Huawei Confidential
Mappings Between CPUs and vCPUs

PHY kernel 01
Super
vCPU
thread
PHY kernel 02
Super
vCPU
thread
PHY kernel 03
Super
vCPU
thread
PHY kernel 1x
Super
vCPU
thread
PHY kernel 1x
Super
vCPU
thread
PHY kernel 1x
Super
vCPU
thread

13 Huawei Confidential
Memory Virtualization
⚫ The physical memory of a PM is managed centrally, and is packed into multiple virtual memories for multiple VMs.
⚫ KVM virtualizes and uses the physical memory and allocates it to VMs as required.

VM 1 VM 2 Guest
virtual GVA
address

Guest
physical GPA
address

Host
physical HPA
address

14 Huawei Confidential
I/O Virtualization
⚫ I/O virtualization can be considered a hardware middleware layer between server components, OSs, and
available I/O processing units. It allows multiple guest OSs to reuse limited peripheral resources.
⚫ Device virtualization (I/O virtualization) is when you emulate the registers and memory of devices,
intercept guest OS access to the I/O ports and registers, and use software to simulate device behavior.
⚫ In Quick Emulator (QEMU)/KVM, guest machines can use emulators, Virtio devices, or PCI devices:
 Emulators: devices that are completely emulated by the QEMU software
 Virtio devices: paravirtualized devices that implement Virtio APIs
 PCI devices: directly assigned

15 Huawei Confidential
I/O Virtualization - Full Emulation
⚫ Software is used to emulate a specific device.
 The same software interface is used, for example: programmable
input/output (PIO), memory mapped I/O (MMIO), direct memory
Apps
access (DMA), or interrupt.
Device model
 Virtual devices that are different from physical devices in the Native
IRQ Emulation
system can be emulated. driver
I/O IRQ
⚫ Multiple context switches are required for each I/O
Virtual
operation. VM exit interruption

 VM <-> Hypervisor Driver Hypervisor

 QEMU <-> Hypervisor

⚫ Devices emulated by software do not affect the software

Device
stacks of the VMs.
 Native driver

16 Huawei Confidential
I/O Virtualization - Virtio
⚫ Virtualizing special devices
 Special device drivers, including the front-end drivers on VMs
and the back-end drivers on the hosts
Apps
 Efficient communication between the front-end and back- Shared
Back-end memory
end drivers
driver
Front-end
⚫ Reducing the transmission overhead between VMs and driver
hosts
Hyper call Notification
 Shared memory
 Batched I/O Driver Hypervisor

 Asynchronous event notification mechanism

(waiting/notification) between eventfd lightweight processes
Device

17 Huawei Confidential
 Contents

1. Overview
 Virtualization
◼ Mainstream Virtualization Technologies

18 Huawei Confidential
Xen Virtualization
⚫ The Xen hypervisor is the first program that is loaded after a server is enabled through BIOS. Then, a VM, with specific permissions,
is enabled, which is called Domain 0 (Dom0). The operating system of Dom0 can be Linux or Unix. Dom0 controls and manages the
Hypervisor. Of all the VMs, Dom0 is the only one that can directly access physical hardware such as a storage device and a network
interface card (NIC). It serves as a bridge for Domain U (DomU) to access storage devices and NICs through its physical drive.

Dom0 (management) DomU (VM) DomU (VM)

Linux/Unix kernel

Physical drive Virtual driver Virtual driver

Xen

Hardware

19 Huawei Confidential
KVM Virtualization
⚫ KVM is a kernel-based VM.
⚫ The essence of KVM is [Link], a virtualization module in the Linux kernel. It uses Linux to perform
operations, such as task scheduling, memory management, and interaction with hardware devices.
⚫ KVM is open-source software that was integrated into the Linux 2.6.20 kernel in February 2007.
⚫ In KVM, a VM is a Linux process scheduled by the CPU.
⚫ A KVM runs in the kernel space and provides CPU and memory virtualization. It does not perform any
simulation. QEMU runs in user space, where it provides virtualization emulation of hardware I/O.

20 Huawei Confidential
KVM and QEMU
⚫ In the KVM virtualization solution, KVM virtualizes CPU and memory, and QEMU virtualizes I/O devices.
⚫ QEMU is software-based open-source (emulation) software. It can fully emulate all resources required by VMs,
including the CPU, memory, I/O device, USB, and NIC.

Host Host Host VM VM

process process process

QEMU QEMU

/dev/kvm KVM
Linux kernel Physical drive

Hardware

21 Huawei Confidential
Working Principles of KVM
⚫ KVM is a module of the Linux kernel and it runs in kernel space.
⚫ QEMU running in user space is used to virtualize I/O devices.
⚫ After the KVM module is installed in Linux, there are three modes: guest mode, user mode, and kernel mode.

User mode
Guest mode
Kernel mode

QEMU

LibKvm
User mode

ioctl

KVM fd

/dev/kvm kvm-vm fd kvm-vcpu fd

Kernel mode VMM Linux kernel KVM module

22 Huawei Confidential
Virtualization Platform Management Tool - Libvirt
⚫ Libvirt is a set of APIs developed using C. It aims to provide a universal and stable software layer to manage multiple virtualization
methods on PMs and VMs, and it also supports remote management.
⚫ Libvirt is a virtualization library in Linux and also an open-source project. It is a powerful virtualization platform management tool.
The managed virtualization platform can be KVM, Xen, VMware, or Hyper-V.

Management tools
Virsh Virt-manager Virt-viewer Virt-install Others

Libvirt

Linux kernel
Xen hypervisor
(KVM module)
QEMU QEMU
Dom0 DomU
Guest Guest (Guest) (Guest)
OS OS

24 Huawei Confidential
Xen vs. KVM

Dom0 DomU DomU DomU Other Guest OS Guest OS

applications

PV
backends
Huawei PV PV PV QEMU QEMU
drivers frontends frontends frontends

KVM
Xen Linux Huawei
drivers

Hardware Hardware

25 Huawei Confidential
 Quiz
1. In full virtualization, VMM is used for CPU and memory virtualization, and the Guest OS is
used for device I/O virtualization. The guest OS needs to be modified to coordinate with the
VMM. This method provides high performance but poor compatibility.
A. True
B. False
2. Libvirt is a virtualization library on Linux. It aims to provide a universal and stable software
layer to manage multiple virtualization modes and VMs on PMs and supports remote
management.
A. True
B. False

26 Huawei Confidential
 Summary

⚫ In this course, we have learned the essence and value of virtualization, mainstream
virtualization technologies, and basic principles of mainstream virtualization
technologies. In the following course, we will continue to learn the features of
Huawei virtualization platform.

27 Huawei Confidential
 Recommendations

⚫ Huawei Learning
 [Link]

⚫ Huawei Support Case Library

 [Link]

28 Huawei Confidential
Acronyms and Abbreviations
⚫ KVM: Kernel-based Virtual Machine
⚫ VMM: Virtual Machine Monitor

29 Huawei Confidential
Thank you. 把数字世界带入每个人、每个家庭、
每个组织，构建万物互联的智能世界。
Bring digital to every person, home, and
organization for a fully connected,
intelligent world.

Copyright©2022 Huawei Technologies Co., Ltd.

All Rights Reserved.

The information in this document may contain predictive

statements including, without limitation, statements regarding
the future financial and operating results, future product
portfolio, new technology, etc. There are a number of factors that
could cause actual results and developments to differ materially
from those expressed or implied in the predictive statements.
Therefore, such information is provided for reference purpose
only and constitutes neither an offer nor an acceptance. Huawei
may change the information at any time without notice.