Virtualizing x86 Computer

virtualization
• Virtualizing x86 computer architectures
involves creating virtual instances of x86-
based systems, allowing multiple
operating systems or applications to run
concurrently on the same physical
hardware.
• This concept is central to modern cloud
computing, where virtualization plays a
key role in resource optimization,
scalability, and flexibility.
• In the late 1990s when internet consumption was booming
and microprocessors were growing by Moore’s law, A need to
build large scale systems was arising.
• Instead of adding more physical machines for running
applications, businesses like IBM started building
virtualization solutions to run many operating systems on
their single powerful mainframes.
• Datacenters expanded in capacity comprising thousands of
physical machines serving applications on the internet.
Instead of providing a single physical machine to each user,
many virtualized systems running on each machine offered a
cheaper and more efficient solution revolutionizing the
industry.
• VMWare arose to the technological forefront of virtualization
with their state of the art server and desktop virtualization
offerings.
Methods for Virtualizing x86 Computers:
1.Hypervisor:
1. This is software that manages virtual machines.
2. There are two types:
1.Type-1 hypervisor: Runs directly on the computer's hardware.
2.Type-2 hypervisor: Runs on top of an operating system.
2.Virtual Operating Systems:
1. These are operating systems that run within a virtual machine.
2. Examples include VirtualBox, VMware Workstation, and KVM.
Benefits of Virtualizing x86 Computers:
•Running multiple operating systems on a single computer: Create different
computing environments using various operating systems.
•Isolation: Protect different applications from each other.
•Testing and development: Test new operating systems, applications, or software in
a safe environment.
•Resource management: Efficiently utilize the computer's resources.
Tools for Virtualizing x86 Computers:
•VirtualBox: A free and open-source virtual operating system created by Oracle
Corporation.
•VMware Workstation: A commercial virtual operating system created by VMware,
Inc.
•KVM: A virtual operating system built into the Linux kernel.
Virtualized Ubuntu 16 running via VMWare on Windows 10 (lscpu lists the OS as
fully virtualized)
Advantages of Virtualization
• Using VMWare or Virtualbox software, a desktop computer can
run many operating systems at the same time at near-native
performance.
• Developers can have multiple virtual machines running various
environments required for development and testing.
• A developer on Windows can develop Linux applications as if
they were running it natively. Production environments can be
simulated on local systems easily with virtualized systems.
• Server virtualization enables datacenters to efficiently utilize
hardware resources by running multiple operating systems
provisioned to many users running on a single machine.
• Amazon EC2 is the cloud compute service on Amazon Web
Services, They use a modified Xen Server based system to
provision and manage virtual machines across their
datacenters efficiently.
Virtualization of Hardware
• Various hardware components constitute a computer, the job of
virtualization software is to emulate the hardware identically in
software.
• This emulated computer system is identical to the one running
the host and exposes identical interfaces.
• Virtualization Software executes the code for a guest operating
system as it might be running on actual hardware and thus be
able to run multiple operating systems on the same machine.
• The difficult problem is to emulate all the aspects of the
hardware identically and efficiently.
• The CPU, Memory and Device I/O are the major components
needed to be virtualized by virtualization software.
• This emulation poses several technical challenges in
performance, isolation, and security.
• Hypervisor: It is an application that manages many virtual
machines running on the system.
It is either executed as a separate OS on the hardware directly
called a Type 1 Hypervisor.
Otherwise, it can run inside another operating system as an
application called a Type 2 Hypervisor.
•
Microsoft’s Hyper-V, The Xen Project are examples of Type 1
hypervisors.
•
VirtualBox, VMWare Workstation, QEMU are examples
of Type 2 hypervisors.
• Host Operating System: The operating system via
which the Virtual Machines are run. For Type 1
Hypervisors, as in Hyper-V, the hypervisor itself is
the Host OS which schedules the virtual
machines and allocates memory. For Type 2
hypervisors, the OS on which the hypervisor
applications run is the Host OS.
• Guest Operating System: The operating system
that uses virtualized hardware. It can be either
Fully Virtualized or Para Virtualized. An
enlightened guest OS knows that its a virtualized
system which can improve performance.
• Virtual Machine Monitor: VMM is the application that
virtualizes hardware for a specific virtual machine and
executes the guest OS with the virtualized hardware.
• Full Virtualization: The guest OS is presented an
identical CPU and hardware as the original host. This is
difficult to achieve on x86 without hardware support as
some components like the memory management unit is
difficult to simulate.
• Para Virtualization: The code of the guest operating
systems is modified. The interfaces for user
applications don’t change but the kernel uses modified
interfaces to interact with the hypervisor to access
certain functions of the system. This improves
virtualization performance.
Emulating the CPU
• Emulating the CPU is executing the instructions present
in the Guest OS program.
• This can be done by directly executing the memory
containing these instructions.
• We need to make sure that the guest OS is not able to
manipulate the system outside of regions of its memory
and it cannot modify sensitive parts of the host system
like the segment descriptors, memory management
registers, etc.
• A situation which allows this is a vulnerability and is
called a VM Escape, allowing the guest OS to escape the
isolation of the virtual machine.
Binary Translation
• The first virtualization software were based on Binary
Translation or BT, It trapped the execution of the instructions
from the guest OS and translated them as required.
• If it required execution of sensitive instructions, it will
convert the instructions to use a different instruction in
actual execution and return the data as defined in the Virtual
Machine Monitor.
• The extra overhead in translation due to high amount of
context switching between the guest and the host for
translating instructions lead to performance degradation in
binary translation.
• The evolution of an x86 virtual machine monitor is an
excellent paper from VMWare highlighting the details and
challenges of binary translation.
Hardware Assisted Virtualization
• To overcome the lack of performance in binary translation, CPU makers
added virtualization support to the hardware which provided various features
like hardware isolation of virtual machines, hardware paging and memory
management for individual virtual machines.
• This enables a virtual machine to run at near-native speeds. Intel VT-x
introduces new instructions to x86 enabling virtualization support in the
hardware.
• This hardware support brings the concepts of hosts and guests to the
hardware enabling the CPU to virtualize its components like the MMU, TLB’s,
etc to each virtual machine automatically. This makes full virtualization
possible and virtual machines can execute at near-native performance.
• The amount of context switching between the guest to host OS decreases
and most of the guest OS executes directly on the CPU rather than via the
host OS.
• With hardware virtualization, the hardware can virtualize the virtualization
extensions themselves allowing recursive virtualization.
• The nested virtual machines run at the same level as the first guest OS
Emulating the memory
• An operating system uses virtual memory to create
address spaces and processes.
• The address space is a virtual and contiguous piece of memory
for every process realized using paging and can be as large as
128 terabytes. This is called Virtual Memory.
• Implementing virtual memory systems in software is inefficient
thus many CPUs come with an inbuilt Memory Management Unit
which gives hardware assistance in creating virtual memory
systems by providing hardware page tables and
translation lookaside buffers.
The x86 architecture supports virtual memory with an MMU consisting of
a TLB and a hardware page table walker. The walker fills the TLB by
traversing hierarchical page tables, in physical memory.
• The Translation Lookaside Buffer (TLB) caches page
table entries resolving to physical addresses.
• As the TLB fills up with entries performance of the
system increases as it less frequently incurs the penalty
of traversing the page table structures filling the page
table entry in the TLB.
• The VMM virtualizes the MMU of the CPU in the software using
the virtual memory mechanisms of the host OS.

• The Guest OS uses the MMU to create virtual memory systems

just as it will on a physical machine and the VMM managed MMU
keeps the memory of the guest OS isolated from the host OS
implicitly providing security and isolation.

• Virtualizing the MMU in software is a difficult task, it involves

using the host’s virtual memory mechanisms to build a TLB in
software.

• Software TLBs are built using Shadow Page Tables, it is

inefficient and one of the reasons why software virtualization is
not performant.
• Hardware virtualization extensions virtualize the hardware MMU
and the TLB for the Guest OS, Intel VT-x provides this in the
form of the Extended Page Table (EPT).
• Intel x86 CPU’s provides the %CR3 register which contains the
pointer to the hardware page table and hardware instructions
which can walk the page table and read the required page.
• EPT virtualizes the %CR3 register via an EPT Pointer (EPTPTR)
for each virtual machine and provides individual hardware
walked page tables.
Key Concepts in x86 Virtualization:
1. Hypervisor (Virtual Machine Monitor - VMM):
• A hypervisor is software that creates and manages
virtual machines (VMs) on a host system. There are two
types of hypervisors:
• Type 1 (Bare-metal): Runs directly on the physical
hardware. Examples include VMware ESXi, Microsoft Hyper-V,
and Xen.
• Type 2 (Hosted): Runs on top of a host operating system.
Examples include VMware Workstation and Oracle VirtualBox.
2. Full Virtualization:

In full virtualization, the hypervisor emulates the complete

hardware environment, allowing unmodified guest operating
systems to run.
The x86 architecture is fully abstracted from the physical
hardware, providing isolation and independence for each VM.

3.Paravirtualization:
Paravirtualization involves modifying the guest operating
system to work with the hypervisor.
This reduces overhead by allowing the guest OS to directly
communicate with the hypervisor, optimizing performance.
Examples include Xen with a paravirtualized Linux kernel.
4. Hardware-Assisted Virtualization:
Modern x86 processors include virtualization extensions (e.g., Intel VT-
x and AMD-V) that enhance the performance and security of VMs.
These extensions allow the hypervisor to efficiently manage VMs by
offloading certain tasks to the hardware.

5.Nested Virtualization:
Nested virtualization allows a VM to run as a hypervisor and create
additional VMs. This is particularly useful for testing and development
environments where virtualization environments need to be replicated.

6. Memory Virtualization:
Virtual memory management allows VMs to use memory resources
efficiently. Techniques like memory overcommitment and ballooning
are used to optimize the use of physical memory among multiple VMs.
7.I/O Virtualization:
I/O virtualization abstracts physical input/output devices,
enabling VMs to share and access physical devices like network
interfaces and storage.

Technologies like Single Root I/O Virtualization (SR-IOV) enhance

I/O performance in virtualized environments.

8. Storage Virtualization:
Storage virtualization abstracts physical storage devices,
allowing them to be managed and allocated dynamically to VMs.
Virtual disk files (e.g., VMDK, VHD) represent the storage used
by VMs.
Applications and Benefits:
•Server Consolidation: Reducing the number of
physical servers by running multiple VMs on a
single server.
•Disaster Recovery: VMs can be easily backed up
and restored, improving business continuity.
•Scalability: Virtual environments can be scaled up
or down quickly by adding or removing VMs.
•Resource Optimization: Efficient use of CPU,
memory, and storage resources across multiple
workloads.
• MMU (Memory Management Unit) virtualization
is a critical aspect of virtualizing computer
systems, particularly in x86 architectures.
• The MMU is responsible for translating virtual
memory addresses used by applications into
physical memory addresses used by the
hardware.
• In a virtualized environment, MMU
virtualization ensures that each virtual
machine (VM) can manage its memory
independently while sharing the underlying
physical memory with other VMs.
• Key Concepts in MMU Virtualization:
1.Shadow Page Tables:
1.In early virtualization implementations, the
hypervisor used shadow page tables to manage
the virtual-to-physical address translation for each
VM. The hypervisor would maintain a copy of the
guest OS's page tables (called shadow page
tables) that maps guest virtual addresses to host
physical addresses.
2.The hypervisor intercepts memory operations by
the guest OS, updating the shadow page tables
accordingly. This approach ensures that the guest
OS remains unaware that it is running in a
• CPU virtualization is a key component of
modern virtualization technologies that
allows multiple operating systems and
applications to run concurrently on a single
physical CPU by abstracting and sharing the
CPU's resources.
• This capability is fundamental to enabling
virtual machines (VMs) to operate as if they
have dedicated access to the CPU, even
though they are sharing it with other VMs.
Key Concepts in CPU Virtualization:
1.Hypervisor (Virtual Machine Monitor - VMM):
1. The hypervisor is the layer of software that manages CPU virtualization. It acts as an
intermediary between the physical CPU and the virtual machines, ensuring that each
VM gets its fair share of CPU resources.
2.Type 1 Hypervisor (Bare-metal): Runs directly on the physical hardware (e.g.,
VMware ESXi, Microsoft Hyper-V).
3.Type 2 Hypervisor (Hosted): Runs on top of a host operating system (e.g., VMware
Workstation, Oracle VirtualBox).
2.CPU Scheduling:
1. The hypervisor schedules CPU time for each VM, ensuring that multiple VMs can share
the same physical CPU without interfering with each other. This involves allocating
CPU cycles to VMs based on their needs and the overall load on the system.
2. The hypervisor uses various scheduling algorithms, such as round-robin or priority-
based scheduling, to manage how CPU resources are distributed among VMs.
3.Full Virtualization:
1. In full virtualization, the hypervisor creates a complete virtual environment that
emulates the underlying hardware, allowing unmodified guest operating systems to
run. This includes virtualizing the CPU so that the guest OS behaves as though it has
direct access to a physical CPU.
2. The hypervisor traps and emulates privileged CPU instructions that cannot be directly
4. Paravirtualization:
1. In paravirtualization, the guest OS is aware that it is running in a virtualized
environment and is modified to interact with the hypervisor more efficiently.
This reduces the overhead of CPU virtualization by allowing the guest OS to
communicate directly with the hypervisor for certain tasks.

• 5. Hardware-Assisted Virtualization:
• Modern CPUs include hardware features designed to improve the
efficiency of CPU virtualization. Intel VT-x and AMD-V are examples of
such technologies.
• Intel VT-x and AMD-V: These extensions provide support for trapping
and executing privileged instructions directly in hardware, reducing the
need for the hypervisor to emulate these instructions, which
significantly improves performance.
• VMCS (Virtual Machine Control Structure) and VMCB (Virtual
Machine Control Block): Structures used by Intel and AMD,
respectively, to manage the state of VMs, including the CPU state,
making context switches between VMs more efficient.
6. Nested Virtualization:Nested virtualization allows a VM to run
as a hypervisor itself, creating additional VMs. This is particularly
useful in development, testing, and training environments where
you need to simulate complex virtualization scenarios.

7. CPU Affinity:CPU affinity refers to the binding of a VM to a

specific physical CPU or a set of CPUs. This can help optimize
performance by reducing context switching and cache thrashing
when a VM is consistently executed on the same CPU cores.

8. Virtual CPU (vCPU):Each VM is assigned a certain number of

virtual CPUs (vCPUs), which represent the CPU resources that the
VM can use. The hypervisor maps these vCPUs to the physical
CPU cores, managing the allocation and scheduling of CPU time.
• Applications and Benefits:
• Server Consolidation: Multiple VMs can run on a single
physical server, reducing the need for dedicated hardware and
improving resource utilization.
• Load Balancing: VMs can be dynamically migrated across
physical servers to balance CPU load and optimize
performance.
• Scalability: CPU virtualization allows for easy scaling of
resources by adding more vCPUs to a VM or migrating VMs to
more powerful physical servers.
• Isolation: Each VM operates independently, providing isolation
from other VMs, which enhances security and stability.
Challenges:
• Overhead: CPU virtualization introduces some
overhead, particularly in scenarios where high
CPU performance is critical. Hardware-assisted
virtualization has mitigated much of this
overhead, but it can still be a factor in highly
loaded systems.
• Resource Contention: If multiple VMs are
contending for CPU resources, it can lead to
performance degradation. Effective CPU
scheduling and resource management by the
hypervisor are essential to minimize this issue.
• I/O (Input/Output) virtualization is a critical
component of modern virtualization
technologies that enables multiple virtual
machines (VMs) to share and access physical
I/O devices, such as network interfaces,
storage devices, and peripheral devices, in a
secure and efficient manner. I/O virtualization
abstracts the physical I/O resources, allowing
VMs to operate as though they have direct
access to these devices, even though they
are sharing them with other VMs.
 Concepts in I/O Virtualization:

1. Device Emulation:
 How It Works: The hypervisor emulates physical devices and presents them as
virtual devices to the guest operating systems. This allows the VMs to interact
with standard hardware devices without being aware that they are virtualized.
 Example: A network interface card (NIC) in the host machine can be emulated
by the hypervisor and appear as a virtual NIC in each VM.

2. Para-Virtualized Drivers:
 How It Works: Instead of fully emulating hardware devices, the hypervisor uses
para-virtualized drivers, which are optimized for virtual environments. These
drivers are aware of the virtualized nature of the I/O and interact directly with
the hypervisor, bypassing some of the overhead associated with full emulation.
 Example: Virtio drivers in KVM or Xen hypervisors provide efficient I/O
performance for VMs by communicating directly with the hypervisor.
3. Direct Device Assignment (PCI Passthrough):

 How It Works: With direct device assignment, a physical I/O device, such as a PCI or PCIe device,
is directly assigned to a VM, allowing the VM to have near-native performance by bypassing the
hypervisor. The VM interacts with the hardware as if it were physically connected to it.

 Example: A GPU or a high-performance NIC can be directly assigned to a VM for tasks that require
high throughput or low latency.

 Limitations: This method sacrifices some flexibility, as the device is dedicated to a single VM, and
other VMs cannot use it simultaneously.

4. Single Root I/O Virtualization (SR-IOV):

 How It Works: SR-IOV is a hardware-based technology that allows a single physical PCIe device,
such as a NIC, to appear as multiple separate virtual devices (Virtual Functions, or VFs) to the VMs.
Each VF can be assigned directly to a VM, allowing high-performance I/O with minimal overhead.

 Example: A physical NIC with SR-IOV can create multiple virtual NICs, each of which can be
directly assigned to different VMs, providing each VM with its own isolated network interface.

 Benefits: SR-IOV provides the performance benefits of direct device assignment while maintaining
the flexibility to share the physical device among multiple VMs.
5. Network and Storage Virtualization:
 Network Virtualization: Abstracts physical network components to
create virtual networks that can be managed and allocated to VMs.
Technologies like virtual switches, VLANs, and VXLANs enable network
traffic between VMs and external networks to be managed efficiently.
 Storage Virtualization: Abstracts physical storage devices to create
virtual storage pools that can be allocated to VMs. Technologies like virtual
SANs (vSANs), iSCSI, and virtual disks enable flexible and scalable storage
management for VMs.
6. I/O Virtualization Frameworks:
 How It Works: I/O virtualization frameworks, such as VMware's vSphere
and Microsoft's Hyper-V, provide comprehensive tools and services to
manage I/O virtualization. These frameworks include features like virtual
networking, virtual storage management, and automated provisioning of
I/O resources.
Virtualization is used to create a virtual version of an underlying service With
the help of Virtualization, multiple operating systems and applications can
run on the same machine and its same hardware at the same time,
increasing the utilization and flexibility of hardware. It was initially
developed during the mainframe era.

It is one of the main cost-effective, hardware-reducing, and energy-saving

techniques used by cloud providers. Virtualization allows sharing of a single
physical instance of a resource or an application among multiple customers
and organizations at one time.

It does this by assigning a logical name to physical storage and providing a

pointer to that physical resource on demand.

The term virtualization is often synonymous with hardware virtualization,

which plays a fundamental role in efficiently delivering Infrastructure-as-a-
Service (IaaS) solutions for cloud computing. Moreover, virtualization
technologies provide a virtual environment for not only executing
•Host Machine: The machine
on which the virtual
machine is going to be built
is known as Host Machine.
•Guest Machine: The virtual
machine is referred to as a
Guest Machine.
• Work of Virtualization in Cloud Computing
• Virtualization has a prominent impact on Cloud Computing. In
the case of cloud computing, users store data in the cloud, but
with the help of Virtualization, users have the extra benefit of
sharing the infrastructure.
• Cloud Vendors take care of the required physical resources, but
these cloud providers charge a huge amount for these services
which impacts every user or organization.
• Virtualization helps Users or Organisations in maintaining those
services which are required by a company through external
(third-party) people, which helps in reducing costs to the
company.
• This is the way through which Virtualization works in Cloud
Computing.
• Benefits of Virtualization
• More flexible and efficient allocation of resources.
• Enhance development productivity.
• It lowers the cost of IT infrastructure.
• Remote access and rapid scalability.
• High availability and disaster recovery.
• Pay peruse of the IT infrastructure on demand.
• Enables running multiple operating systems.
• Drawback of Virtualization
• High Initial Investment: Clouds have a very high initial
investment, but it is also true that it will help in reducing the
cost of companies.
• Learning New Infrastructure: As the companies shifted from
Servers to Cloud, it requires highly skilled staff who have skills
to work with the cloud easily, and for this, you have to hire new
staff or provide training to current staff.
• Risk of Data: Hosting data on third-party resources can lead to
putting the data at risk, it has the chance of getting attacked by
any hacker or cracker very easily.
• Characteristics of Virtualization
• Increased Security: The ability to control the execution of a
guest program in a completely transparent manner opens new
possibilities for delivering a secure, controlled execution
environment. All the operations of the guest programs are
generally performed against the virtual machine, which then
translates and applies them to the host programs.
• Managed Execution: In particular, sharing, aggregation,
emulation, and isolation are the most relevant features.
• Sharing: Virtualization allows the creation of a separate
computing environment within the same host.
• Aggregation: It is possible to share physical resources among
several guests, but virtualization also allows aggregation, which
is the opposite process.
• Types of Virtualization
1. Application Virtualization
2. Network Virtualization
3. Desktop Virtualization
4. Storage Virtualization
5. Server Virtualization
6. Data virtualization
• https://www.geeksforgeeks.org/virtualization-cloud-computing-
types/
• Types of Virtualization
1.Application Virtualization
2.Network Virtualization
3.Desktop Virtualization
4.Storage Virtualization
5.Server Virtualization
6.Data virtualization
• 1. Application Virtualization: Application
virtualization helps a user to have remote access to an
application from a server.
• The server stores all personal information and other
characteristics of the application but can still run on a
local workstation through the internet.
• An example of this would be a user who needs to run
two different versions of the same software.
• Technologies that use application virtualization are
hosted applications and packaged applications.
• 2. Network Virtualization: The
ability to run multiple virtual networks
with each having a separate control
and data plan. It co-exists together on
top of one physical network.
• It can be managed by individual
parties that are potentially confidential
to each other.
• Network virtualization provides a
facility to create and provision virtual
networks, logical switches, routers,
firewalls, load balancers,
Virtual Private Networks (VPN), and
workload security within days or even
weeks.
• 3. Desktop Virtualization: Desktop virtualization
allows the users’ OS to be remotely stored on a server
in the data center. It allows the user to access their
desktop virtually, from any location by a different
machine.
• Users who want specific operating systems other than
Windows Server will need to have a virtual desktop.
• The main benefits of desktop virtualization are user
mobility, portability, and easy management of software
installation, updates, and patches.
• 4. Storage Virtualization: Storage virtualization is an
array of servers that are managed by a virtual storage
system.
• The servers aren’t aware of exactly where their data is
stored and instead function more like worker bees in a
hive. It makes managing storage from multiple sources
be managed and utilized as a single repository.
• storage virtualization software maintains smooth
operations, consistent performance, and a continuous
suite of advanced functions despite changes, breaks
down, and differences in the underlying equipment.
• 6. Data Virtualization: This is the kind of virtualization in
which the data is collected from various sources and
managed at a single place without knowing more about the
technical information like how data is collected, stored &
formatted then arranged that data logically so that its virtual
view can be accessed by its interested people and
stakeholders, and users through the various cloud services
remotely. Many big giant companies are providing their
services like Oracle, IBM, At scale, Cdata, etc.
• 5. Server Virtualization: This is a kind of
virtualization in which the masking of server
resources takes place.
• Here, the central server (physical server) is divided
into multiple different virtual servers by changing
the identity number, and processors.
• So, each system can operate its operating systems
in an isolated manner. Where each sub-server
knows the identity of the central server.
• It causes an increase in performance and reduces
the operating cost by the deployment of main
server resources into a sub-server resource.
• It’s beneficial in virtual migration, reducing energy
consumption, reducing infrastructural costs, etc.