Unit-4 L-14-15 VS

Subject: - Cloud Computing

Unit: - Virtualization Technology
Unit: - 4
Virtualization Structures/Tools and Mechanisms :-

 Before virtualization, the operating system manages the hardware.

 After virtualization, a virtualization layer is inserted between the hardware
and the OS.
 In such a case, the virtualization layer is responsible for converting portions
of the real hardware into virtual hardware.
 Depending on the position of the virtualization layer, there are several
classes of VM architectures, namely
1. Hypervisor architecture
2. XEN architecture
3. Virtualization architecture

1. Hypervisor architecture :-
a) The hypervisor supports hardware-level virtualization on bare metal
devices like CPU, memory, disk and network interfaces.
b) The hypervisor software sits directly between the physical hardware
and its OS.
c) The hypervisor provides hypercalls for the guest OSes and
applications.
d) Depending on the functionality, a hypervisor can assume a micro-
kernel architecture like the Microsoft Hyper-V. OR
e) It can assume a monolithic hypervisor architecture like the VMware
ESX for server virtualization.
f) A micro-kernel hypervisor includes only the basic and unchanging
functions (such as physical memory management and processor
scheduling).

Cloud Computing (6CS4-06) Page 1

Unit-4 L-14-15 VS

g) A monolithic hypervisor implements all the device drivers and other

changeable components are outside the hypervisor. Therefore, the size
of the hypervisor code of a micro-kernel hypervisor is smaller than
that of a monolithic hypervisor.
2. Xen Architecture:-

1. Xen is an open source hypervisor program developed by Cambridge University.

2. Xen is a micro-kernel hypervisor.

3. Xen provides a virtual environment located between the hardware and the OS.

4. A number of vendors are in the process of developing commercial Xen

hypervisors, among them are Citrix XenServer and Oracle VM .

5. The Xen hypervisor implements all the mechanisms, leaving the policy to be
handled by Domain 0.

6. Xen does not include any device drivers natively .

7. It just provides a mechanism by which a guest OS can have direct access to the
physical devices.

8. The core components of a Xen system are the hypervisor, kernel, and
applications.

9. The guest OS, which has control ability, is called Domain 0 and the others are
called Domain U.

10. Domain 0 is a privileged guest OS of Xen. It is first loaded when Xen boots
without any file system drivers being available.

11. Domain 0 is designed to access hardware directly and manage devices.

Therefore, one of the responsibilities of Domain 0 is to allocate and map hardware
resources for the guest domains (the Domain U domains).

Cloud Computing (6CS4-06) Page 2

Unit-4 L-14-15 VS

 Types of virtualization :-

1. Hardware Virtualization:-

Cloud Computing (6CS4-06) Page 3

Unit-4 L-14-15 VS

 In hardware virtualization, we create a virtual machine that worked like a

real computer with an operating system, and whatever the software that
virtual machine executes was independent and free from the underlying
resources present on the device.
 The main tasks of hypervisor were to control and manage the virtual
machines, and the software that executes on the VM feels likes that they are
using their own resources. But, in reality, they all taking these resources
from the host/physical machines

Types of Hardware Virtualization

a) Full virtualization
b) Para virtualization
c) Partial virtualization

a. Full virtualization

Cloud Computing (6CS4-06) Page 4

Unit-4 L-14-15 VS

1. With full virtualization, noncritical instructions run on the hardware directly

while critical instructions are discovered and replaced with traps into the VMM to
be emulated by software.

2. In full virtualization, the guest operating system was not aware of the virtual
environment in which it was executing.

3. That guest operating system sends instruction directly to the main hardware that
it wants to use its resources.

4. That main hardware tricks the operating system by sending a trap command to
the hypervisor.

5. The method used in this emulation is called binary translation. Therefore, full
virtualization combines binary translation and direct execution. The performance
of full virtualization may not be ideal, because it involves binary translation which
is rather time-consuming.

6. When the trap request was accepted, then the hypervisor will convert itself into
hardware and creates a virtual machine with all the same resources that the main
hardware contains.

7. And after that, the hypervisor sends emulate requests to the main hardware that
the virtual machine was created

8. And whatever the demand guests operating system wants from the main
hardware was completed by that hypervisor virtual machines.

9. After the completion of the work, it sends the result back to the respective
operating systems.

b. Partial virtualization
In full virtualization, we see that all the resources presented in hardware
provided to the user in virtual form, but in partial virtualization, only the
selective resources that users needed were provided from the cloud provider
side.

Cloud Computing (6CS4-06) Page 5

Unit-4 L-14-15 VS

c. Para virtualization

1. In this virtualization, the Operating system, which was on the virtual

machines, know that they are executing in a virtualized environment.
2. And with the help of the driver guest operating system was modified so
that OS runs in the para-virtualized environment.
3. And all the privileged and sensitive information was replaced with
hypercalls; instead of direct communication with the hardware,
4. The modified operating system uses virtualization layers or hypervisor for
communication with the physical hardware. 5. The popular Xen, KVM, and
VMware ESX are good examples.

Cloud Computing (6CS4-06) Page 6

Unit-4 L-14-15 VS

2. Network virtualization

In network virtualization, network resources like firewalls, load balancers, network

interface cards, and bandwidth, and so on are divided logically into multiples
chunks.

And these multiple chunks work independently from each other, and in real-time,
these chunks were assigned to any device.

Network virtualization creates its virtual network in which each application sees its
own logical network and independent from the physical network.

Virtual LAN was an example of Network virtualization.

Cloud Computing (6CS4-06) Page 7

Unit-4 L-14-15 VS

For example, in schools or colleges, we have many departments, and all these
departments were connected to a single network. If we want another department's
presence in our particular department only shows when we want, we can do it with
VLAN's help. The client machines at a different location logically appeared in the
same place. And that particular department thinks that in this department, he/she
will only belong.

Network virtualization was further categorized into the following subparts:

a- Internal network virtualization

If services were provided to the users when a single system connected with
different resources within the systems, it would be referred to as internal network
virtualization.

b- External network virtualization

When multiple systems are connected with multiple networks, and users were
excessing the resources from there, it was called external network virtualization.

3. Storage virtualization:

In this type of virtualization, data were pooled into main servers from various
storage devices that appeared as a single device. And all the control of the storage
device was in the hand of that main server.

Cloud Computing (6CS4-06) Page 8

Unit-4 L-14-15 VS

When user demand for some services from the main hardware M then it will be
provided to the users in output form but when the resources were not presented in
the machine M then the virtual machine help in to get that resources from any of
the devices M1, M2, M3 after which that service was provided to the users in the
input form and the user thinks that he/she was working on the single machines, but
in reality, they are working on different machines in the cloud computing
environment.

For example, we store our photos in a smartphone gallery, but when we click our
images, we have the choice to save our photos either on a data card or inside the
internal memory. When all the photos come inside the gallery, we can't tell where
the data was stored, either in a memory card or internal memory.

Storage virtualization was further categorized into the following parts:

a. Block-based storage virtualization

In this virtualization, storage files were broken into a number of chunks and
stored in different blocks with the unique address, which latter group
together to provide a storage area to the user. We can see this block-based
storage virtualization in SAN (storage area network).

For example, the hard disk in our device was divided into many disk drives
was an example of block-based storage virtualization.

b. File-based storage virtualization

If we sharing the storage and the data were stored in one system and more
than one person excessing that resource, then it will be file-based storage
virtualization. We can see this in network-attached storage systems.
Different social media websites were an example of files-based storage
virtualization.

4. Data virtualization
Suppose you want information for some field, and instead of searching that
information in different areas, you wish to explore all this at one place, and
this happen or done with the help of data virtualization it collects all the data
from multiple sources and consolidates that multiple information into a
single form so that user can get at one place.

Cloud Computing (6CS4-06) Page 9

Unit-4 L-14-15 VS

for example, Different e-commerce websites- where you can search your
favorites product in one place

5. Desktop virtualization
In the case of desktop virtualization, you can easily access your device in
which you are working from any third place or from any distant location.
This type of virtualization makes the clones of your complete system, which
was put into a particular cloud server location with the use of various tools
such as citrus, XenDesktop. And suppose in the case when the real device in
which you were working was not with you then with the help of desktop
virtualization, you can easily access your device resources and the services
from any other devices.

Cloud Computing (6CS4-06) Page 10

Unit-4 L-14-15 VS

6. Server virtualization:-
Server Virtualization is the partitioning of a physical server into number of
small virtual servers, each running its own operating system. These
operating systems are known as guest operating systems. These are running
on another operating system known as host operating system. Each guest
running in this manner is unaware of any other guests running on the same
host.
For Server Virtualization, there are three popular approaches.

These are:
1. Virtual Machine model
2. Para-virtual Machine model
3. Operating System (OS) layer Virtualization

1. Virtual Machine model: are based on host-guest paradigm, where each

guest runs on a virtual replica of hardware layer. This technique of
virtualization provide guest OS to run without modification. However it
requires real computing resources from the host and for this a hypervisor
or VM is required to coordinate instructions to CPU.
2. Para-Virtual Machine model: is also based on host-guest paradigm &
uses virtual machine monitor too. In this model the VMM modifies the
guest operating system's code which is called 'porting'. Like that of
virtual machine, similarly the Para-virtual machine is also capable of
executing multiple operating systems. The Para-virtual model is used by
both Xen & UML.
3. Operating System Layer Virtualization: Virtualization at OS level
functions in a different way and is not based on host-guest paradigm. In
this model the host runs a single operating system kernel as its main/core
and transfers its functionality to each of the guests. The guest must use
the same operating system as the host. This distributed nature of
architecture eliminated system calls between layers and hence reduces
overhead of CPU usage.

Cloud Computing (6CS4-06) Page 11

Unit-4 L-14-15 VS

7. CPU virtualization :
 Modern operating systems and processors permit multiple processes to run
simultaneously.
 If there is no protection mechanism in a processor, all instructions from
different processes will access the hardware directly and cause a system
crash.
 Therefore, all processors have at least two modes, user mode and supervisor
mode, to ensure controlled access of critical hardware.
 Instructions running in supervisor mode are called privileged instructions.
Other instructions are unprivileged instructions.

CPU virtualization involves a single CPU acting as if it were multiple

separate CPUs. The most common reason for doing this is to run multiple
different operating systems on one machine. CPU virtualization emphasizes
performance and runs directly on the available CPUs whenever possible.
The underlying physical resources are used whenever possible and the
virtualization layer runs instructions only as needed to make virtual
machines operate as if they were running directly on a physical machine.
Unprivileged instructions of VMs run directly on the host machine for
higher efficiency.
Other critical instructions should be handled carefully for correctness and
stability.

Cloud Computing (6CS4-06) Page 12

Unit-4 L-14-15 VS

The critical instructions are divided into three categories:

1. Privileged instructions,
2. Controls sensitive instructions,
3. Behavior-sensitive instructions

Privileged instructions execute in a privileged mode and will be trapped if

executed outside this mode.
Control-sensitive instructions attempt to change the configuration of
resources used.
Behavior-sensitive instructions have different behaviors depending on the
configuration of resources, including the load and store operations over the
virtual memory

A CPU architecture is virtualizable if it supports the ability to run the VM’s

privileged and unprivileged instructions in the CPU’s user mode while the
VMM runs in supervisor mode.

When the privileged instructions including control- and behavior-sensitive

instructions of a VM are executed, they are trapped in the VMM.

RISC CPU architectures can be naturally virtualized because all control- and
behavior-sensitive instructions are privileged instructions.

To support virtualization, processors such as the x86 employ a special

running mode and instructions, known as hardware-assisted virtualization.

In this way, the VMM and guest OS run in different modes and all sensitive
instructions of the guest OS and its applications are trapped in the VMM.

All the privileged and sensitive instructions are trapped in the hypervisor
automatically. It also lets the operating system run in VMs without
modification

Cloud Computing (6CS4-06) Page 13

Unit-4 L-14-15 VS

8. Memory Virtualization:
 Virtual memory virtualization is similar to the virtual memory support
provided by modern operating systems.
 In a traditional environment, the OS maintains page table for mappings of
virtual memory to machine memory, which is a one-stage mapping.
 In a virtual execution environment, virtual memory virtualization involves
sharing the physical system memory in RAM and dynamically allocating it
to the physical memory of the VMs.
 A two-stage mapping process should be maintained by the guest OS and the
VMM, respectively: virtual memory to physical memory and physical
memory to machine memory.
 The VMM is responsible for mapping the guest physical memory to the
actual machine memory in guest OS.
 Since each page table of the guest OSes has a separate page table in the
VMM corresponding to it, the VMM page table is called the shadow page
table.
 VMware uses shadow page tables to perform virtual-memory-to-machine-
memory address translation.
 Processors use TLB hardware to map the virtual memory directly to the
machine memory to avoid the two levels of translation on every access.
 When the guest OS changes the virtual memory to a physical memory
mapping, the VMM updates the shadow page tables to enable a direct
lookup.

Cloud Computing (6CS4-06) Page 14

Unit-4 L-14-15 VS

1. The boxes represent pages, and the arrows show the different memory
mappings.

2. The arrows from guest virtual memory to guest physical memory show the
mapping maintained by the page tables in the guest operating system.

3. The arrows from guest physical memory to machine memory show the mapping
maintained by the VMM.

4. The dashed arrows show the mapping from guest virtual memory to machine
memory in the shadow page tables also maintained by the VMM. The underlying
processor running the virtual machine uses the shadow page table mappings.

 I/O virtualization

It involves managing the routing of I/O requests between virtual devices and the
shared physical hardware.

There are three ways to implement I/O virtualization:

1. Full device emulation 2. Para-virtualization 3. Direct I/O

Cloud Computing (6CS4-06) Page 15

Unit-4 L-14-15 VS

1. Full device emulation

All the functions of a device like device enumeration, identification, interrupts, and
DMA, are replicated in software and it is located in the VMM and acts as a virtual
device. The I/O access requests of the guest OS are trapped in the VMM which
interacts with the I/O devices.

2. Para-virtualization

It is a split driver model consisting of a frontend driver and a backend driver.

The frontend driver is running in Domain U and the backend driver is running in
Domain 0.

The frontend driver manages the I/O requests of the guest OSes and the backend
driver is responsible for managing the real I/O devices and multiplexing the I/O
data of different VMs.

3. Direct I/O virtualization

 It lets the VM access devices directly.
 To help I/O virtualization is via self-virtualized I/O (SV-IO).

Cloud Computing (6CS4-06) Page 16

Unit-4 L-14-15 VS

 All tasks associated with virtualizing an I/O device are encapsulated in SV-
IO.
 SV-IO defines one virtual interface (VIF) for every kind of virtualized I/O
device, such as virtual network interfaces, virtual block devices (disk),
virtual camera devices, and others.
 The guest OS interacts with the VIFs via VIF device drivers. Each VIF
consists of two message queues.
 One is for outgoing messages to the devices and the other is for incoming
messages from the devices.
 In addition, each VIF has a unique ID for identifying it in SV-IO

Cloud Computing (6CS4-06) Page 17