2.

1 VIRTUALIZATION
• Virtualization is a technique, which allows sharing single physical instance of an
application or resource among multiple organizations or tenants (customers).

• Virtualization is a proved technology that makes it possible to run multiple operating

system and applications on the same server at same time.

• Virtualization is the process of creating a logical(virtual) version of a server operating

system, a storage device, or network services.

• The technology that work behind virtualization is known as a virtual machine

monitor(VM), or virtual manager which separates compute environments from the actual
physical infrastructure.

• Virtualization -- the abstraction of computer resources.

• Virtualization hides the physical characteristics of computing resources from their users,
applications, or end users.

• This includes making a single physical resource (such as a server, an operating system, an
application, or storage device) appear to function as multiple virtual resources.

• It can also include making multiple physical resources (such as storage devices or servers)
appear as a single virtual resource.

• In computing, virtualization refers to the act of creating a virtual (rather than actual)
version of something, like computer hardware platforms, operating systems, storage
devices, and computer network resources
 • Creation of a virtual machine over existing operating system and hardware.

• Host machine: The machine on which the virtual machine is created.

• Guest machine: virtual machines referred as a guest machine.

• Hypervisor: Hypervisor is a firmware or low-level program that acts as a Virtual

Machine Manager.

Figure 2.10 Virtualization Example

Advantages of Virtualization:

1. Reduced Costs.

2. Efficient hardware Utilization.

3. Virtualization leads to better resource Utilization and increase performance

4. Testing for software development.

5. Increase Availability

6. Save energy

7. Shifting all your Local Infrastructure to Cloud in a day

8. Possibility to Divide Services

9. Running application not supported by the host.

Disadvantages of Virtualization:

1. Extra Costs.

2. Software Licensing.

2.2 IMPLEMENTATION LEVELS OF VIRTUALIZATION

Virtualization is a computer architecture technology by which multiple virtual machines
(VMs) are multiplexed in the same hardware machine. The purpose of a VM is to enhance resource
sharing by many users and improve computer performance in terms of resource utilization and
application flexibility.
Hardware resources (CPU, memory, I/O devices, etc.) or software resources(operating
system and software libraries) can be virtualized in various functional layers.
The idea is to separate the hardware from the software to yield better system efficiency. For
example, computer users gained access to much enlarged memory space when the concept of
virtual memory was introduced. Similarly, virtualization techniques can be applied to enhance the
use of compute engines, networks and storage.
2.6.1 Levels of Virtualization:
A traditional computer runs with host operating system specially tailored for its hardware
architecture, as shown in Figure 2.11 (a). After virtualization, different user applications managed
by their own operating systems (guest OS) can run on the same hardware, independent of the host
OS.
This is often done by adding additional software, called a virtualization layer as shown in
Figure 2.11 (b). This virtualization layer is known as hypervisor or virtual machine monitor
(VMM) .The VMs are shown in the upper boxes, where applications run with their own guest OS
over the virtualized CPU, memory, and I/O resources. The main function of the software layer for
virtualization is to virtualize the physical hardware of a host machine into virtual resources to be
used by the VMs, exclusively. The virtualization software creates the abstraction of VMs by
interposing a virtualization layer at various levels of a computer system. Common virtualization
layers include the instruction set architecture (ISA) level, hardware level, operating system level,
library support level, and application level.
 Figure 2.11 The architecture of a computer system before and after Virtualization

Figure 2.12 Virtualization ranging from hardware to applications in five abstraction levels.
Instruction Set Architecture Level:
At the ISA level, virtualization is performed by emulating a given ISA by the ISA of the
host machine. For example, MIPS binary code can run on an x86-based host machine with the help
of ISA emulation. With this approach, it is possible to run a large amount of legacy binary

code written for various processors on any given new hardware host machine. Instruction set
emulation leads to virtual ISAs created on any hardware machine.
The basic emulation method is through code interpretation. An interpreter program
interprets the source instructions to target instructions one by one. OneSource instruction may
require tens or hundreds of native target instructions to perform its function. Obviously, this
process is relatively slow. For better performance, dynamic binary translation is desired.
This approach translates basic blocks of dynamic source instructions to target instructions.
The basic blocks can also be extended to program traces or super blocks to increase translation
efficiency. Instruction set emulation requires binary translation and optimization. A virtual
instruction set architecture (V-ISA) thus requires adding a processor-specific software translation
layer to the compiler.
Hardware Abstraction Level:
Hardware-level virtualization is performed right on top of the bare hardware. The idea is
to virtualize a computer’s resources, such as its processors, memory, and I/O devices. The intention
is to upgrade the hardware utilization rate by multiple users concurrently.
Operating System Level:
This refers to an abstraction layer between traditional OS and user applications. OS-level
virtualization creates isolated containers on a single physical server and the OS instances to utilize
the hardware and software in datacenters.
The containers behave like real servers. OS-level virtualization is commonly used in
creating virtual hosting environments to allocate hardware resources among a large number of
mutually distrusting users. It is also used, to a lesser extent, in consolidating server hardware by
moving services on separate hosts into containers or VMs on one server.
Library Support Level:
Most applications use APIs exported by user level libraries rather than using lengthy
system calls by the OS. Since most systems provide well documented APIs, such an interface
becomes another candidate for virtualization.
 Virtualization with library interfaces is possible by controlling the communication link
between applications and the rest of a system through API hooks. The software tool WINE has
implemented this approach to support Windows applications on top of UNIX hosts. Another

example is the vCUDA which allows applications executing within VMs to leverage GPU
hardware acceleration.
User-Application Level:
Virtualization at the application level virtualizes an application as a VM. On a traditional
OS, an application often runs as a process. Therefore, application-level virtualization is also known
as process-level virtualization. The most popular approach is to deploy high level language
(HLL)VMs.

2.6.2 VMM Design Requirements and Providers

Hardware-level virtualization inserts a layer between real hardware and traditional
operating systems. This layer is commonly called the Virtual Machine Monitor (VMM) and it
manages the hardware resources of a computing system. Each time programs access the hardware
the VMM captures the process. VMM acts as a traditional OS.
One hardware component, such as the CPU, can be virtualized as several virtual copies.
Therefore, several traditional operating systems which are the same or different can sit on the same
set of hardware simultaneously.
Three requirements for a VMM
 First, a VMM should provide an environment for programs which is essentially identical
to the original machine.
 Second, programs run in this environment should show, at worst, only minor decreases in
speed.
 Third, a VMM should be in complete control of the system resources
2.6.3 Virtualization Support at the OS Level
With the help of VM technology, a new computing mode known as cloud computing
is emerging. Cloud computing is transforming the computing landscape by shifting the hardware
and staffing costs of managing a computational center to third parties, just like banks. However,
cloud computing has at least two challenges.
 The first is the ability to use a variable number of physical machines and VM instances
depending on the needs of a problem.
 The second challenge concerns the slow operation of instantiating new VMs.
Currently, new VMs originate either as fresh boots or as replicates of a template VM,
unaware of the current application state. Therefore, to better support cloud computing, a large
amount of research and development should be done.

Why OS-Level Virtualization?

To reduce the performance overhead of hardware-level virtualization, even hardware modification
is needed. OS-level virtualization provides a feasible solution for these hardware- level
virtualization issues. Operating system virtualization inserts a virtualization layer inside an
operating system to partition a machine’s physical resources. It enables multiple isolated VMs
within a single operating system kernel. This kind of VM is often called a virtual execution
environment (VE), Virtual Private System (VPS), or simply container. From the user’s point of
view, VEs look like real servers. This means a VE has its own set of processes, file system, user
accounts, network interfaces with IP addresses, routing tables, firewall rules, and other personal
settings. Although VEs can be customized for different people, they share the same operating
system kernel.

Advantages of OS Extensions
(1) VMs at the operating system level have minimal startup/shutdown costs, low resource
requirements, and high scalability.
(2) For an OS-level VM, it is possible for a VM and its host environment to synchronize
state changes when necessary.
These benefits can be achieved via two mechanisms of OS-level virtualization:
(1) All OS-level VMs on the same physical machine share a single operating system kernel
(2) The virtualization layer can be designed in a way that allows processes in VMs to access as
many resources of the host machine as possible, but never to modify them.

Virtualization on Linux or Windows Platforms

Virtualization support on the Windows-based platform is still in the research stage. The
Linux kernel offers an abstraction layer to allow software processes to work with and operate on
resources without knowing the hardware details. New hardware may need a new Linux kernel to
support. Therefore, different Linux platforms use patched kernels to provide special support for
extended functionality.

2.6.4 Middleware Support for Virtualization

Library-level virtualization is also known as user-level Application Binary Interface(ABI)
or API emulation. This type of virtualization can create execution environments forrunning alien
programs on a platform rather than creating a VM to run the entire operating system. API call
interception and remapping are the key functions performed. This provides an overview of several
library-level virtualization systems: namely the Windows Application Binary Interface (WABI),
lxrun, WINE, Visual MainWin, and Vcuda.
2.3 Virtualization Structures/Tools and Mechanisms
There are three typical classes of VM architecture. Before virtualization, the operating
system manages the hardware. After virtualization, a virtualization layer is inserted between the
hardware and the operating system. In such a case, the virtualization layer is responsible for
converting portions of the real hardware into virtual hardware. Therefore, different operating
systems such as Linux and Windows can run on the same physical machine, simultaneously.
Depending on the position of the virtualization layer, there are several classes of VM
architectures, namely the hypervisor architecture, para-virtualization, and host based
virtualization. The hypervisor is also known as the VMM (Virtual Machine Monitor). They both
perform the same virtualization operations.
2.7.1 Hypervisor and Xen Architecture:
The hypervisor supports hardware-level virtualization on bare metal devices like CPU,
memory, disk and network interfaces. The hypervisor software sits directly between the physical
hardware and its OS. This virtualization layer is referred to as either the VMM or the hypervisor.
The hypervisor provides hypercalls for the guest OSes and applications. Depending on the
functionality, a hypervisor can assume a micro-kernel architecture like the Microsoft Hyper-V. Or
it can assume monolithic hypervisor architecture like the VMware ESX for server virtualization.
 A micro-kernel hypervisor includes only the basic and unchanging functions (such as
physical memory management and processor scheduling). The device drivers and other changeable
components are outside the hypervisor. A monolithic hypervisor implements all the
aforementioned functions, including those of the device drivers.
Therefore, the size of the hypervisor code of a micro-kernel hypervisor is smaller than
that of a monolithic hypervisor. Essentially, a hypervisor must be able to convert physical devices
into virtual resources dedicated for the deployed VM to use.
The Xen Architecture:
The core components of a Xen system are the hypervisor, kernel, and applications. The
organization of the three components is important. Like other virtualization systems, many guest
OSes can run on top of the hypervisor. However, not all guest OSes are created equal, and one in
particular controls the others.
The guest OS, which has control ability, is called Domain 0, and the others are called
Domain U. Domain 0 is a privileged guest OS of Xen. It is first loaded when Xen boots without
any file system drivers being available. Domain 0 is designed to access hardware directly and
manage devices. Therefore, one of the responsibilities of Domain 0 is to allocate and map hardware
resources for the guest domains (the Domain U domains).

2.7.2 Binary Translation with Full Virtualization:

Depending on implementation technologies, hardware virtualization can be classified into
two categories: full virtualization and host-based virtualization. Full virtualization does not need
to modify the host OS. It relies on binary translation to trap and to virtualize the execution of
certain sensitive, non virtualizable instructions. The guest OSes and their applications consist of
noncritical and critical instructions. In a host-based system, both a host OS and a guest OS are
used. A virtualization software layer is built between the host OS and guest OS.

Full Virtualization:
With full virtualization, noncritical instructions run on the hardware directly while critical
instructions are discovered and replaced with traps into the VMM to be emulated by software.
Both the hypervisor and VMM approaches are considered full virtualization.
Binary Translation of Guest OS Requests Using a VMM :
VMware puts the VMM at Ring 0 and the guest OS at Ring 1. The VMM scans the
instruction stream and identifies the privileged, control- and behavior-sensitive instructions. When
these instructions are identified, they are trapped into the VMM, which emulates the behavior of
these instructions.

Figure 2.13 Indirect execution of complex instructions via binary translation of guest OS
requests using the VMM plus direct execution of simpleinstructions on the same host.
The method used in this emulation is called binary translation. Therefore, full virtualization
combines binary translation and direct execution. The guest OS is completely decoupled from the
underlying hardware. Consequently, the guest OS is unaware that it is being virtualized. Binary
translation employs a code cache to store translated hot instructions toimprove performance, but it
increases the cost of memory usage.
Host-Based Virtualization:
An alternative VM architecture is to install a virtualization layer on top of the host OS.
This host OS is still responsible for managing the hardware. The guest OSes are installed and run
on top of the virtualization layer. Dedicated applications may run on the VMs. Certainly, some
other applications can also run with the host OS directly. This host-based architecture has some
distinct advantages, as enumerated next. First, the user can install this VM architecture without
modifying the host OS. The virtualizing software can rely on the host OS to provide device drivers
and other low level services. This will simplify the VM design and ease its deployment. Second,
the host-based approach appeals to many host machine configurations.

Compared to the hypervisor/VMM architecture, the performance of the host based architecture
may also be low. When an application requests hardware access, it involves four layers of mapping
which downgrades performance significantly.

2.7.3 Para-Virtualization with Compiler Support:

Para-virtualization needs to modify the guest operating systems. A para-virtualized VM
provides special APIs requiring substantial OS modifications in user applications. Performance
degradation is a critical issue of a virtualized system. No one wants to use a VM if it is much
slower than using a physical machine.
The virtualization layer can be inserted at different positions in a machine software stack.
However, para-virtualization attempts to reduce the virtualization overhead, and thus improve
performance by modifying only the guest OS kernel. The guest operating systems are para-
virtualized. The traditional x86 processor offers four instruction execution rings: Rings 0,1, 2,
and 3. The lower the ring number, the higher the privilege of instruction being executed. The OS
is responsible for managing the hardware and the privileged instructions to execute at Ring 0, while
user-level applications run at Ring 3.

Figure 2.14 Para-virtualized VM architecture

 Figure 2.15 The use of a para-virtualized guest OS assisted by an
intelligent compiler to replace non virtualizable OS
instructions by hyper calls.

Para-Virtualization Architecture:
When the x86 processor is virtualized, a virtualization layer is inserted
between the hardware and the OS. According to the x86 ring definitions, the
virtualization layer should also be installed at Ring 0. The para-virtualization
replaces non virtualizable instructions with hyper calls that communicate
directly with the hypervisor or VMM. However, when the guest OS kernel is
modified for virtualization, it can no longer run on the hardware directly.
Although para-virtualization reduces the overhead, it has incurred
other problems. First, its compatibility and portability may be in doubt,
because it must support the unmodified OS as well. Second, the cost of
maintaining para-virtualized OSes is high, because they may require deep OS
kernel modifications. Finally, the performance advantage of para
virtualization varies greatly due to workload variations.

KVM (Kernel-Based VM):

 This is a Linux para-virtualization system—a part of the Linux
version 2.6.20 kernel. Memory management and scheduling activities are
carried out by the existing Linux kernel. The KVM does the rest, which
makes it simpler than the hypervisor that controls the entire machine. KVM
is a hardware-assisted para-virtualization tool, which improves performance
and supportsunmodified guest OSes such as Windows, Linux, Solaris, and
other UNIX variants. Unlike thefull virtualization architecture which
intercepts and emulates privileged and sensitive instructions at runtime, para-
virtualization handles these instructions at compile time.
The guest OS kernel is modified to replace the privileged and sensitive
instructions with hyper calls to the hypervisor or VMM. Xen assumes such a
para virtualization architecture. The guest OS running in a guest domain may
run at Ring 1instead of at Ring 0. This implies that the guest OS may not be
able to execute some privileged and sensitive instructions. The privileged
instructions are implemented by hypercalls to the hypervisor. After replacing
the instructions with hyper calls, the modified guest OS emulates the behavior
of the original guest OS.