Unit-I(2nd Part): Virtual

Machines and Virtualization

of Clusters and
datacenters
From book: Distributed and Cloud Computing
K. Hwang, G. Fox and J. Dongarra
Virtualization for Datacenter Automation
to serve millions of clients, simultaneously
 Server Consolidation in Virtualized Datacenter
 Virtual Storage Provisioning and De provisioning
 Cloud Operating Systems for Virtual Datacenters
 Trust Management in virtualized Datacenters
Implementation Levels of
Virtualization
• Virtualization is a computer architecture technology by which multiple
virtual machines (VMs) are multiplexed in the same hardware
machine.
• The idea of VMs can be dated back to the 1960s.
• The purpose of a VM is to enhance resource sharing by many users
and improve computer performance in terms of resource
utilization and application flexibility.
• Hardware resources (CPU, memory, I/O devices, etc.) or software
resources (operating system and software libraries) can be virtualized
in various functional layers.
• This virtualization technology has been revitalized as the
demand for distributed and cloud computing increased
sharply in recent years.
Levels of Virtualization Implementation
• A traditional computer runs with a host operating
system specially tailored for its hardware
architecture.
• After virtualization, different user applications
managed by their own operating systems (guest OS)
can run on the same hardware, independent of the
host OS.
• This is often done by adding additional software, called
a virtualization layer.
• This virtualization layer is known as a hypervisor or
virtual machine monitor (VMM).
Levels of Virtualization Implementation
• The VMs are shown in the upper boxes, where applications run
with their own guest OS over the virtualized CPU, memory, and
I/O resources.
• The main function of the software layer for virtualization is
to virtualize the physical hardware of a host machine
into virtual resources to be used by the VMs, exclusively.
• This can be implemented at various operational levels. The
virtualization software creates the abstraction of VMs by
interposing a virtualization layer at various levels of a
computer system.
• Common virtualization layers include the instruction set
architecture (ISA) level, hardware level, operating system
level, library support level, and application level).
Instruction set
An instruction set, or instruction set architecture (ISA), is the part of
the computer architecture related to programming, including the
native data types (Signed integer types: signed char, short, int, long),
instructions, registers, addressing modes, memory architecture,
interrupt and exception handling, and external I/O.
X86 processor : x86 is a family of backward compatible instruction set
architectures [a] based on the Intel 8086 CPU and its Intel 8088 variant.
Want’s to know more about the X86 processor-
https://www.cis.upenn.edu/~cdmurphy/cit593/fall2012/pdf/lecture20-x86.pdf
Difference between Traditional
Computer and Virtual machines
Virtual Machine, Guest Operating
System,
and VMM (Virtual Machine
Monitor) : layer is the middleware between the
• The Virtualization
underlying hardware and virtual machines represented
in the system, also known as virtual machine monitor
(VMM)
Network-attached storage (NAS)
 Virtualization Ranging from
Hardware to Applications in Five
A Abstraction
Java virtual machine Levels User level program,behave like a real
(JVM) is a virtual machine machine,I/O map, I/O mem,-
that enables a computer mapping with the H/W.
to run Java programs as
well as programs written Programming API’s, application binary
in other languages that interfaces (binary format) every one
are also compiled to Java can use.
bytecode. Host and guest comm, Vir OS level, Win
The Common Language in host and win in guest redundant
Runtime, the virtual machine case OS level will identify
component of Microsoft .NET
Framework, manages the Trap-Privilege Instruction and send to
execution of .NET programs. VMM, native level instruction. Higher
Just-in-time compilation to lower level language
converts the managed code into
machine instructions which are Micro-control level, Instruction
then executed on the CPU of set H/w interaction, convert to
the computer. native language
Level of virtualization
implementation
1) Application level : Process level virtualization (HLL) high level
language .
2) Library level : Virtual hosting environment for larger API hooks
3) OS level:- allocate large numbers of users
4) HAL (H/w abstraction layer level): to virtualize the computer
resources like its processor/memory and I/o devices.
5) ISA (Inst. set arch.): legacy binary code can be used.

https://www.techtarget.com/searchitoperations/definition/
virtual-to-physical-V2P
Virtualization at ISA (Instruction Set Architecture) level:

• At the ISA level, virtualization is performed by emulating a given ISA by

the ISA of the host machine.
• e.g, MIPS binary code can run on an x-86-based host machine with the help of
ISA emulation.
• With this approach, it is possible to run a large amount of legacy binary code
written for various processors on any given new hardware host machine.
• Instruction set emulation leads to virtual ISAs created on any hardware
machine.
• The basic emulation method is through code interpretation.
• An interpreter program interprets the source instructions to target instructions
one by one.
• One source instruction may require tens or hundreds of native target
instructions to perform its function.
Virtualization at ISA (Instruction
Set Architecture) level
• Obviously, this process is relatively slow.

• For better performance, dynamic binary translation is desired.

• This approach translates basic blocks of dynamic source instructions to target

instructions.
• The basic blocks can also be extended to program traces or super blocks to
increase translation efficiency.
• Instruction set emulation requires binary translation and optimization.

• A virtual instruction set architecture (V-ISA) thus requires adding a

processor-specific software translation layer to the compiler.
• Advantage:
• It can run a large amount of legacy binary codes written for various
processors on any given new hardware host machines
• best application flexibility

• Shortcoming & limitation:

• One source instruction may require tens or hundreds of native target
instructions to perform its function, which is relatively slow.
• V-ISA requires adding a processor-specific software translation layer in
the complier.
Virtualization at Hardware Abstraction level (skip):
• Virtualization is performed right on top of the hardware.

• It generates virtual hardware environments for VMs, and manages

the underlying hardware through virtualization.

• Typical systems: VMware, Virtual PC, Denali, Xen

• The idea is to virtualize a computer’s resources, such as its processors, memory, and I/O
devices.

• The intention is to upgrade the hardware utilization rate by multiple users concurrently.

Advantage:

• Has higher performance and good application isolation

Shortcoming & limitation:

• Very expensive to implement (complexity)

Virtualization at Operating System
(OS) level:
• This refers to an abstraction layer between traditional OS and user
applications.
• This virtualization creates isolated containers on a single physical
server and the OS-instance to utilize the hardware and software in
datacenters.
• The containers behave like real servers.
• OS-level virtualization is commonly used in creating virtual hosting
environments to allocate hardware resources among a large number of
mutually distrusting users.
• It is also used, to a lesser extent, in consolidating server hardware by moving
services on separate hosts into containers or VMs on one server.
• Typical systems: Jail / Virtual Environment / Ensim's VPS / FVM
Advantage:
• Has minimal starup/shutdown cost, low resource
requirement, and high scalability; synchronize VM
and host state changes.
Shortcoming & limitation:
• All VMs at the operating system level must have the
same kind of guest OS
• Poor application flexibility and isolation.-- this has
been overcome and will be discussed shortly.
Virtualization at OS Level
Virtualization for Linux and Windows NT Platforms
Case study-SKIP
Advantages of OS Extension for Virtualization

• VMs at OS level has minimum startup/shutdown costs

• OS-level VM can easily synchronize with its environment

Disadvantage of OS Extension for Virtualization

• All VMs in the same OS container must have the same or

similar guest OS, which restrict application flexibility of
different VMs on the same physical machine.
Library Support level:
• Most applications use APIs exported by user-level
libraries rather than using lengthy system calls by the OS.
• Since most systems provide well-documented APIs, such
an interface becomes another candidate for virtualization.
• Virtualization with library interfaces is possible by
controlling the communication link between applications
and the rest of a system through API hooks.
• The software tool WINE has implemented this approach
to support Windows applications on top of UNIX hosts.
• Another example is the vCUDA which allows applications
executing within VMs to leverage GPU hardware
acceleration.
• It creates execution environments for running alien
programs on a platform rather than creating VM to
run the entire operating system.
• It is done by API call interception and remapping.
• Typical systems: Wine, WAB, LxRun , VisualMainWin
Advantage:
• It has very low implementation effort
Shortcoming & limitation:
• poor application flexibility and isolation
Virtualization with Middleware/Library
Support
The vCUBE for Virtualization of
GPGPU
User-Application level:
• Virtualization at the application level virtualizes an
application as a VM.
• On a traditional OS, an application often runs as a
process.
• Therefore, application-level virtualization is also
known as process-level virtualization.
• The most popular approach is to deploy high level
language (HLL) VMs.
• Any program written in the HLL and compiled for this
VM will be able to run on it.
• The Microsoft .NET CLR(Common Language
Runtime) and Java Virtual Machine (JVM: converting
bytecode to the machine specific code) are two good examples
of this class of VM.
• https://en.wikipedia.org/wiki/List_of_Java_virtual_machi
nes
Advantage:
• Has the best application isolation
Shortcoming & limitation:
• Low performance, low application flexibility and
high implementation complexity.
Relative merits of virtualization at various levels (More X’s means higher
merit ,with a maximum of 5 X’s)

More Xs mean higher merit

Relative Merits of Different
Approaches
• The column headings correspond to four technical merits.
“Higher Performance” and “Application Flexibility” are
self-explanatory.
• “Implementation Complexity” implies the cost to
implement that particular virtualization level.
• “Application Isolation” refers to the effort required to
isolate resources committed to different VMs. Each row
corresponds to a particular level of virtualization.
• However, the hardware and application levels are also the
most expensive to implement.
• User isolation is the most difficult to achieve.
• ISA implementation offers the best application flexibility.
Hypervisor
• A hypervisor is a hardware virtualization technique
allowing multiple operating systems, called guests to
run on a host machine. This is also called the Virtual
Machine Monitor (VMM).
Major VMM and Hypervisor
Providers (self study)
The XEN Architecture
The XEN Architecture
• Xen is an open source hypervisor program developed by Cambridge
University.
• Xen is a microkernel hypervisor, which separates the policy from the
mechanism.
• The Xen hypervisor implements all the mechanisms, leaving the policy to
be handled by Domain 0.
• Xen does not include any device drivers natively.
• It just provides a mechanism by which a guest OS can have direct access to
the physical devices.
• As a result, the size of the Xen hypervisor is kept rather small.
• Xen provides a virtual environment located between the hardware and the
OS.
• A number of vendors are in the process of developing commercial Xen
hypervisors, among them are Citrix XenServer and Oracle VM.
• For example, Xen is based on Linux and its security level is C2.
(U.S. National Computer SecurityCenter (NCSC) and granted to products that pass
Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC)
tests)
• Its management VM is named Domain 0, which has the
privilege to manage other VMs implemented on the same host.
• If Domain 0 is compromised, the hacker can control the
entire system.
• So, in the VM system, security policies are needed to improve the
security of Domain 0.
• Domain 0, behaving as a VMM, allows users to create, copy,
save, read, modify, share, migrate, and roll back VMs as
easily as manipulating a file, which flexibly provides
tremendous benefits for users.
• Unfortunately, it also brings a series of security problems during
the software life cycle and data lifetime.
Full Virtualization vs. Para-Virtualization
Full virtualization: https://www.youtube.com/watch?v=CLR0pq9dy4g&t=2s
Paravirtualization: https://www.youtube.com/watch?v=_Tltue_pa-o
https://www.geeksforgeeks.org/difference-between-full-virtualization-and-paravirtualization/

Full virtualization
• Does not need to modify guest OS, and critical instructions are
emulated by software through the use of binary translation.
• VMware Workstation applies full virtualization, which uses
binary translation to automatically modify x86 software on-the-
fly to replace critical instructions.
• Advantage: no need to modify OS.
• Disadvantage: binary translation slows down the performance.
Para virtualization
• Reduces the overhead, but cost of maintaining a
paravirtualized OS is high.
• The improvement depends on the workload.
• Para virtualization must modify guest OS, non-virtualizable
instructions are replaced by hypercalls that communicate
directly with the hypervisor or VMM.
• Para virtualization is supported by Xen, Denali and VMware
ESX.
Some more examples of full and para virtualization>>>> next few
slides…
Full Virtualization
Binary Translation of Guest OS Requests
using a VMM:
Para-Virtualization with Compiler
Support.

• The KVM builds offers kernel-based VM on the Linux

platform, based on para-virtualization
Full Virtualization
VMWare ESX Server for Para-
Virtualization (self study)ESX
VMM
Shadow page table
Shadow page tables are used by the hypervisor to keep track of the
state in which the guest "thinks" its page tables should be.
The guest can't be allowed access to the hardware page tables because
then it would essentially have control of the machine.
So, the hypervisor keeps the "real" mappings (guest virtual -> host
physical) in the hardware when the relevant guest is executing, and
keeps a representation of the page tables that the guest thinks it's
using "in the shadows,“.
Case Study:
Reference: Virtual Machines: Versatile
Platforms for Systems and Processes (The
Morgan Kaufmann Series in Computer
Architecture and Design) 1st Edt.
Copy on write disks
Conclusions on CPU, Memory and I/O
Virtualization:
• CPU virtualization demands hardware-assisted traps
of sensitive instructions by the VMM
• Memory virtualization demands special hardware
support (shadow page tables by VMW are or
extended page table by Intel) to help translate virtual
address into physical address and machine memory in
two stages.
• I/O virtualization is the most difficult one to realize due to
the complexity if I/O service routines and the emulation
needed between the guest OS and host OS.
Multi-Core Virtualization: VCPU vs.
traditional CPU

• Figure 3.16 Four VCPUs are exposed to the software, only three cores are actually present.
VCPUs V0, V1, and V3 have been transparently migrated, while VCPU V2 has been transparently
suspended. (Courtesy of Wells, et al., “Dynamic Heterogeneity and the Need for Multicore
Virtualization”, ACM SIGOPS Operating Systems Review, ACM Press, 2009 [68] )
Software visible VCPU moving from one core to another and temporarily suspending execution of a VCPU when
there are no appropriate cores in which it can run.
Virtual Cores vs. Physical
Processor Cores
Physical cores Virtual cores
The actual physical cores present There can be more virtual cores
in the processor. visible to a single OS than there
are physical cores.
More burden on the software to Design of software becomes easier
write applications which can run as the hardware assists the
directly on the cores. software in dynamic resource
utilization.
Hardware provides no assistance to Hardware provides assistance to
the software and is hence simpler. the software and is hence more
complex.
Poor resource management. Better resource management.

The lowest level of system software The lowest level of system software
What is virtual cluster in CC
• Virtual cluster are built with the VM’s installed at distributed servers
from one or more physical clusters. The VM’s in a virtual cluster are
interconnected logically by a virtual network across several physical
networks.
• Each virtual cluster is formed with physical cluster .It is formed with
physical machines or the VM hosted by multiple physical clusters.
• (diagram…………next page………….)
Virtual Clusters in Many Cores
Space Sharing of VMs -- Virtual Hierarchy
Virtual Cluster Characteristics
• The virtual cluster nodes can be either physical or virtual
machines. Multiple VMs running with different OSs can be

deployed on the same physical node.

• A VM runs with a guest OS, which is often different from

the host OS, that manages the resources in the physical

machine, where the VM is implemented.

• The purpose of using VMs is to consolidate multiple

functionalities on the same server. This will greatly

enhance the server utilization and application flexibility.

• VMs can be colonized (replicated) in multiple servers for the purpose of
promoting distributed parallelism, fault tolerance, and disaster recovery.

• The size (number of nodes) of a virtual cluster can grow or shrink

dynamically, similarly to the way an overlay network varies in size in a P2P

network.

• The failure of any physical nodes may disable some VMs installed on the failing
nodes. But the failure of VMs will not pull down the host system.
Virtual Clusters vs. Physical
Clusters
Live Migration of Virtual Machines