Unit -2

Cloud Computing
(Introduction of Virtualization)
Virtualization Structures/Tools and Mechanisms
• In general, there are three typical classes of VM architecture. Figure showed
the architectures of a machine before and after virtualization.
• Before virtualization, the operating system manages the hardware.
• After virtualization, a virtualization layer is inserted between the hardware
and the operating system. In such a case, the virtualization layer is responsible
for converting portions of the real hardware into virtual hardware.
• Therefore, different operating systems such as Linux and Windows can run on
the same physical machine, simultaneously.
• Depending on the position of the virtualization layer, there are several classes
of VM architectures, namely the hypervisor architecture, para-virtualization,
and host-based virtualization.
• The hypervisor is also known as the VMM (Virtual Machine Monitor). They
both perform the same virtualization operations.
Why Virtualization ? - Green Focus

The Reality:
• Most servers only use 5-15% of their capabilities on average, while
consuming 60-90% of their peak power.

The Solution - Virtualization:

o Use one server to host multiple applications.
o Reduce energy consumption
o Reduce CO2 emissions

Running fewer, highly utilized servers frees up space and

power. Less space and power is better for environment and
saves money.
Virtualization Architecture
• A Virtual machine (VM) is an isolated runtime
environment (guest OS and applications)
• Multiple virtual systems (VMs) can run on a single
physical system

Multiple Software
Applications
Multiple Software
Applications
Operating System Operating System
Virtual Server 1 Virtual Server 2
Hypervisor
Full Virtualization
Full virtualization
• Enables hypervisors to run an
unmodified guest operating
system (e.g. Windows 2003 or
XP).
• Guest OS is not aware that it is
being virtualized.

Hardware
• E.g.: VMware uses a
combination of direct execution
and binary translation techniques
to achieve full virtualization of
CPU Memory NIC DISK server systems.

44
 Binary Translation of Guest OS Requests
Using a VMM
 This approach was implemented by VMware and
many other software companies.
 VMware puts the VMM at Ring 0 and the guest
OS at Ring 1. The VMM scans the instruction
stream and identified the privileged, control- and
behavior sensitive instructions.
 When these instructions are identified, they are
trapped into the VMM, which emulates the
behavior of these instructions.
 The method used in this emulation is called
binary translation. Therefore, full virtualization
combines binary translation and direct execution.
 Host-Based Virtualization
• An alternative VM architecture is to install a virtualization
layer on top of the host OS. This host OS is still responsible
for managing the hardware.
• This host-based architecture has some distinct advantages.
First, the user can install this VM architecture without
modifying the host OS. The virtualizing software can rely on
the host OS to provide device drivers and other low-level
services. This will simplify the VM design and ease its
deployment.
• Second, the host-based approach appeals to many host
machine configurations. Compared to the hypervisor/VMM
architecture, the performance of the host-based architecture
may also be low.
Para -virtualization
 Para -virtualization needs to modify the guest operating
systems.
 A para-virtualized VM provides special APIs requiring
substantial OS modifications in user applications.
 Performance degradation is a critical issue of a
virtualized system.
 Full Virtualization vs. Para-Virtualization
Full virtualization
 Does not need to modify guest OS, and critical instructions are emulated by
software through the use of binary translation.
 VMware Workstation applies full virtualization, which uses binary translation to
automatically modify x86 software on-the-fly to replace critical instructions.
Advantage: no need to modify OS.
Disadvantage: binary translation slows down the performance.
Para virtualization
 Reduces the overhead, but cost of maintaining a paravirtualized OS is high.
 The improvement depends on the workload.
 Para virtualization must modify guest OS, non-virtualizable instructions are
replaced by hyper calls that communicate directly with the hypervisor or VMM.
 Para virtualization is supported by Xen, Denali and VMware ESX.
Types of Virtualisation

 Hardware
 Server / OS / Devices ( peripheral devices like printer etc..)
 Desktop
 Storage ( Memory, hard disk etc..)
 Network
 Application software
 Data
Desktop Virtualization
 Virtualization of CPU, Memory, and I/O Devices
 A VM is a duplicate of an existing computer system in which a majority of
the VM instructions are executed on the host processor in native mode. Thus,
unprivileged instructions of VMs run directly on the host machine for higher
efficiency. Other critical instructions should be handled carefully for
correctness and stability.
 The critical instructions are divided into three categories: privileged
instructions, control –sensitive instructions, and behavior-sensitive
instructions.
 Privileged instructions execute in a privileged mode and will be trapped if
executed outside this mode.
 Control-sensitive instructions attempt to change the configuration of
resources used.
 Behavior-sensitive instructions have different behaviors depending on the
configuration of resources, including the load and store operations over the
virtual memory.
CPU Virtualization
 A CPU architecture is virtualizable if it supports the ability to run the
VM’s privileged and unprivileged instructions in the CPU’s user mode
while the VMM runs in supervisor mode.
 When the privileged instructions including control- and behavior-
sensitive instructions of a VM are executed, they are trapped in the
VMM. In this case, the VMM acts as a unified mediator for hardware
access from different VMs to guarantee the correctness and stability of
the whole system. However, not all CPU architectures are virtualizable.
 RISC CPU architectures can be naturally virtualized because all
control and behavior-sensitive instructions are privileged instructions.
 On the contrary, x86 CPU architectures are not primarily designed to
support virtualization.
 CPU virtualization
 How to virtualize CPU resource?
 VM is set one or more vCPUs and each vCPU is allocated to run
applications of Guest OS.
 Each application program is denoted by an ordered set of instructions and
finally executed by physical CPU.
 During the running of application, app instructions will firstly submitted to
vCPU, then the vCPUs are allocated to physical CPU to run instructions
through VMM scheduling.
 Some sensitive instructions only be executed by root user
 Non-privileged instruction can be executed in Guest OS
VM0 VMn
APP (Instructions ) APP (Instructions )
vCPU vCPU …... vCPU VMs

VMM
scheduling allocate
pCPU pCPU …… pCPU PM
CPU virtualization approaches

 Binary Translation (BT)

 Translate guest OS binary on the fly to solve virtualization
issue
 Paravirtualization (PV)
 Modify guest OS to directly access some special CPU
instruction.
 Hardware-assisted virtualization
 Some virtualized instructions directly executed by physical
CPU
1)Binary Translation (BT)
 Translate guest OS binary
 OS binary is still visible to guest, but the executed Guest Operating
guest code is actually in translation cache. System
 Need to steal guest address space to hold the binary
translated cache.
 be able to run unmodified guest OS Translated by VMM
 All the instructions are virtualized for
translation.
 Frequent translations impact on performance Physical
 Benefit: not modify guest OS instructions

 VMWare, Qemu
2)Paravirtualization (PV)

 Modify guest OS source to cooperatively work with

hypervisor for performance, simplicity etc.
 Hypercall to request for hypervisor service
 Share the global resource
 Event channel to receive asynchronous notification from
hypervisor
 Share memory for massive information communication
 Virtio for directly access IO device
 Widely used in device driver by commercial VMMs
 Vmware
 Xen/KVM
 Hyper-V
3)Hardware-assisted virtualization

 Hardware extension
 Intel® Virtualization Technology (Intel® VT)
 AMD-V
 Hardware support to enable that
 Guest OS runs in de-privileged mode to execute
instructions
 Guest access to privileged resources triggers exit from
VM to VMM

 The purpose is to run unmodified guest OS

Memory Virtualization
 Virtual memory virtualization is similar to the virtual memory
support provided by modern operating systems. In a traditional
execution environment, the operating system maintains
mappings of virtual memory to ma chine memory using page
tables, which is a one-stage mapping from virtual memory to
machine memory.
 However, in a virtual execution environment, virtual memory
virtualization involves sharing the physical system memory in
RAM and dynamically allocating it to the physical memory of
the VMs.
 That means a two-stage mapping process should be maintained
by the guest OS and the VMM, respectively: virtual memory to
physical memory and physical memory to machine memory.
Memory Virtualization
 Not only virtual memory
 Hardware support
 e.g., x86 MMU and TLB
 To run multiple virtual machines on a single system, another level of memory
virtualization is required.
 The VMM is responsible for mapping guest physical memory to the actual machine
memory, and it uses shadow page tables to accelerate the mappings.

VM1 VM2

Process 1 Process 2 Process 1 Process 2

Virtual memory

Physical memory

Machine memory
Physical page frame redirection
contiguous

MAP

noncontiguous
Page frame allocation

 Partitioning
 Simple and high performance
 $ to buy more memory
 Ballooning
 A VMM-aware balloon driver running in guest OS to dynamically
allocate memory from OS and release them to VMM, and vice
versa
 Host swapping
 The physical frames for guest pages may be swapped out
 Shadow page table
 Guest memory <-- physical machine memory
Ballooning
Device and I/O Virtualization

 VMM ( Virtual Machine Monitor) supports all device/IO

drivers
 Physically/virtually existed

I/O Virtualization
There are three ways to implement I /O virtualization: full device emulation, para-
virtualization, and direct I /O.
 I/O virtualization. Generally, this approach emulates well-known, real-world
devices. All the functions of a device or bus infrastructure, such as device
enumeration, identification, interrupts, and DMA, are replicated in software. This
software is located in the VMM and acts as a virtual device.
 The para-virtualization method of I /O virtualization is typically used in Xen. It is
also known as the split driver model consisting of a frontend driver and a backend
driver. It achieves better device performance than full device emulation, it comes
with a higher CPU overhead
 Direct I /O virtualization lets the VM access devices directly. It can achieve close-
to native performance without high CPU costs.
Device interface
Driver program

 Interaction between device and driver:

 Driver programs device through register access
 Device notifies driver through interrupt
 Device could DMA for massive data movement
 I/O Virtualization requires the hypervisor to present guest a complete device
interface
 Presenting an existing interface
 Software Emulation
 Direct assignment
 Presenting a brand new interface
 Paravirtualization
Software Emulation
Guest
 Guest runs native device driver,
e.g. NE2000 VM
 I/O access is trap-and-emulated
by device model in hypervisor
 Translation of virtual interrupt
 Virtual Interrupt is signaled by
device model per semantics
 Excessive trap and
emulation
VMM
Paravirtualization
 Modify guest OS
 A new front-end driver (FE driver) is
run in guest
 Optimized request through hypercall
 Hypervisor runs a back-end driver
(BE driver) to service request from
FE driver
 Notify guest for processing
 Shared memory is used for massive
data communication
 To reduce guest/hypervisor boundary
crossing
 E.g. Xen VNIF, KVM Virtio-Net
Direct assignment
 Guest runs native driver
 I/O is written through
 Translation for MMIO is presented
 Interrupt
 Physical interrupt is captured by hypervisor
(pIRQ)
 Virtual interrupt is signaled for guest
(vIRQ)
 Remapping from pIRQ->vIRQ in
hypervisor
 Special hardware device is directly
allocated to a special VM
Implementation Levels of Virtualization

Wine is a free and open

source compatibility layer
software application that
aims to allow applications
designed for Microsoft
Windows to run on Unix-
like operating systems
 1. Virtualization at Instruction Set
Architecture (ISA) level:
 At the ISA level, virtualization is performed by emulating a
given ISA by the ISA of the host machine. Instruction set
emulation leads to virtual ISAs created on any hardware
machine. e.g, MIPS binary code can run on an x-86-based host
machine with the help of ISA emulation.
 With this approach, it is possible to run a large amount of legacy
binary code written for various processors on any given new
hardware host machine.
 code interpretation – dynamic binary translation - virtual
instruction set architecture (V-ISA)
CONT..

 Advantage:
• It can run a large amount of legacy binary codes written for
various processors on any given new hardware host machines
• best application flexibility
 Shortcoming & limitation:
• One source instruction may require tens or hundreds of native
target instructions to perform its function, which is relatively
slow.
• V-ISA requires adding a processor-specific software
translation layer in the complier.
2.Virtualization at Hardware Abstraction
level:
 Hardware-level virtualization is performed right on top of the bare
hardware.
 On the one hand, this approach generates a virtual hardware
environment for a VM.
 On the other hand, the process manages the underlying hardware
through virtualization.
 The idea is to virtualize a computer’s resources, such as its processors,
memory, and I/O devices. The intention is to upgrade the hardware
utilization rate by multiple users concurrently.
Advantage:
 Has higher performance and good application isolation
Shortcoming & limitation:
 Very expensive to implement (complexity)
Virtualization at HAL
3.Virtualization at Operating System (OS)
level:
 OS-level virtualization creates isolated containers on a single physical server
and the OS instances to utilize the hardware and software in data centers.
The containers behave like real servers.
 OS-level virtualization is commonly used in creating virtual hosting
environments to allocate hardware resources among a large number of
mutually distrusting users.
Advantage:
 Has minimal startup/shutdown cost, low resource requirement, and high
scalability; synchronize VM and host state changes.
Shortcoming & limitation:
 All VMs at the operating system level must have the same kind of guest OS
 Poor application flexibility and isolation.
Virtualization at OS Level
Advantages of OS Extension for Virtualization

1. VMs at OS level has minimum startup/shutdown costs

2. OS-level VM can easily synchronize with its environment

Disadvantage of OS Extension for Virtualization

All VMs in the same OS container must have the same or
similar guest OS, which restrict application flexibility of different
VMs on the same physical machine.
4.Library Support level:
 Since most systems provide well-documented APIs, such an interface
becomes another candidate for virtualization.
 Virtualization with library interfaces is possible by controlling the
communication link between applications and the rest of a system through
API hooks.
 The software tool WINE has implemented this approach to support
Windows applications on top of UNIX hosts.
 Another example is the vCUDA which allows applications executing within
VMs to leverage GPU hardware acceleration.

Advantage:
 It has very low implementation effort
Shortcoming & limitation:
 poor application flexibility and isolation
 5.User-Application Level
•Virtualization at the application level virtualizes an application as a VM. On a
traditional OS, an application often runs as a process.
Therefore, application-level virtualization is also known as process-level
virtualization.
• The most popular approach is to deploy high level language (HLL) VMs. In
this scenario, the virtualization layer sits as an application program on top of
the operating system, and the layer exports an abstraction of a VM that can run
programs written and compiled to a particular abstract machine definition.
•Other forms of application-level virtualization are known as
application isolation,
application sandboxing, or application streaming.
Advantage:
•has the best application isolation
Shortcoming & limitation:
•low performance, low application flexibility and high implementation
complexity.
Comparison of Implementation
Levels of Virtualization
 The XEN Architecture
 Xen is an open source hypervisor program developed by
Cambridge University. Xen is a micro-kernel hypervisor,
which separates the policy from the mechanism.
 Xen does not include any device drivers natively . It just
provides a mechanism by which a guest OS can have direct
access to the physical devices.
 As a result, the size of the Xen hypervisor is kept rather
small. Xen provides a virtual environment located between
the hardware and the OS.
Benefits of Virtualization
 Sharing of resources helps cost reduction
 Isolation: Virtual machines are isolated from each other as if they are
physically separated
 Encapsulation: Virtual machines encapsulate a complete computing
environment
 Hardware Independence: Virtual machines run independently of
underlying hardware
 Portability: Virtual machines can be migrated between different hosts.
Advantages of virtual machines
 Run operating systems where the physical hardware is unavailable,
 Easier to create new machines, backup machines, etc.,
 Software testing using “clean” installs of operating systems and software,
 Emulate more machines than are physically available,
 Timeshare lightly loaded systems on one host,
 Debug problems (suspend and resume the problem machine),
 Easy migration of virtual machines (shutdown needed or not).
 Run legacy systems!