Unit 1. “VIRTUALISATION INTRODUCTION”
2966 - Network and Services Virtualisation
2013-2014 – First semester
Assistant professor: Katja Gilly
Department: Physics and Computer Architectures
Outline
• Introduction
• History of Virtualisation
• Virtualisation Architecture
– System Virtualisation
– Storage Virtualisation
– GPU Virtualisation
– Software Virtualisation
– Hardware Support Virtualisation
– Network Virtualisation
Introduction
• What is virtualisation?
– Virtualisation is a broad term (virtual memory, storage, network, etc.)
– Basically, it allows one computer to do the job of multiple computers by sharing the resources of a single piece of hardware across multiple environments
[Figure: a traditional system (App. A to App. D on one operating system on the hardware) beside a virtualised system (two virtual containers, one holding App. A and App. B and one holding App. C and App. D, on a virtualisation layer on the hardware).]
Virtualised system: it makes it possible to run multiple virtual containers on a single physical platform
• Why virtualise?
– For multitasking operating systems: computers have more processing power than one task needs
– Consolidation: it allows a number of virtual servers to be consolidated into a single physical machine
– Migration: it is relatively easy to migrate virtual machines from one physical computer to another
– Cloning VMs is also easy
– Power cost reduction
– Portability: you can save the state of a VM onto a USB flash drive
– Greater degree of isolation than a process in an OS
History of Virtualisation
[Timeline figure]
• 1964: IBM CP-40
• 1972: IBM VM/370
• 1997: Virtual PC
• 1999: VMware
• 2003: Xen
• 2005: Intel VT
• 2006: AMD VT
• 2007: KVM-X86
• 2012: Xen-ARM, KVM-ARM
Eras shown on the timeline: Time Sharing, Virtual Memory, Mainframe Virtualisation, Desktop Virtualisation, Server Virtualisation, Cloud Computing, Mobile Virtualisation
Techniques shown on the timeline: Traditional virtualisation, Para-virtualisation, HW-assist
The first machine to fully support virtualisation was:
• IBM’s VM, which began life as part of the System/360 project
• Specialised, proprietary, high-end server and mainframe systems
• Very easy to migrate from having a collection of minicomputers to having a single mainframe
• Each minicomputer would simply be replaced with a virtual machine
• By 1980/90, the adoption of server virtualisation started to decline
– Inexpensive x86 hardware platforms
– Windows/Linux adopted as server OSs
➔ 1 machine, 1 OS, several applications
➔ Applications can affect each other
➔ Big disadvantage: machine utilisation is very low, most of the time below 25%
• x86 server deployments introduced new IT challenges:
– Low server infrastructure utilisation (10-18%)
– Increasing physical infrastructure costs (facilities, power, cooling, etc.)
– Increasing IT management costs (configuration, deployment, updates, etc.)
– Insufficient failover and disaster protection
The solution to all these problems was to virtualise x86 platforms
[Figure: four separate x86 servers (Windows XP, Windows 2003, Suse, Red Hat), each running its own applications; the hardware utilisation figures shown are 12%, 15%, 18% and 10%.]
Computing Infrastructure – Virtualisation
• It matches the benefits of high hardware utilisation with running several operating systems (applications) in separate virtualised environments
– Each application runs in its own operating system
– Each operating system does not know it is sharing the underlying hardware with others
[Figure: one x86 multi-core, multi-processor host at 70% hardware utilisation running four virtual machines: x86 Windows XP (App. A), x86 Windows 2003 (App. B), x86 Suse Linux (App. C) and x86 Red Hat Linux (App. D).]
x86 virtualisation problems:
• IA-32 (Intel Architecture-32, also named i386) is the third generation of x86 architecture, first implemented in the Intel 80386 microprocessors in 1985.
• Its CPU was designed with virtualisation in mind
• According to Popek and Goldberg(*), the processor would be virtualisable if the set of control sensitive instructions is a subset of the set of privileged instructions.
• This means that any instruction that modifies the configuration of resources in the system must either be executed in privileged mode, or trap if it isn’t.
• Unfortunately, the IA-32 instruction set includes 17 instructions that do not have this property.
(*) Formal Requirements for Virtualizable Third Generation Architectures. Popek and Goldberg. Communications of ACM. 1974
What are sensitive instructions?
• In the architecture field, CPU designers separate instructions into different categories.
– Privileged instruction: instructions that trap if the machine is in user mode and do not trap if the machine is in kernel mode.
ex: instruction to modify the page table base register
– Non-privileged instruction: all other instructions
ex: software interrupt, normal arithmetic operation
• In the virtualisation field, hypervisor designers separate instructions into two categories.
– Sensitive instruction: instructions that interact with hardware, which include control-sensitive and behaviour-sensitive instructions.
ex: instruction to modify the page table base register, software interrupt, ...
– Non-sensitive instruction: all other instructions
ex: normal arithmetic operation, ...
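The Popek and Goldberg condition and the two instruction classes above, as an added example that is not part of the original slides: a constructed three-instruction toy ISA (the names ADD, SET_PTB and SET_IF and the state fields are hypothetical) is run natively and under a trap-and-emulate VMM. SET_IF is modelled on x86 POPF, which does not trap in user mode and leaves the interrupt flag unchanged.

```python
# Added example: toy model constructed for illustration, not real x86 semantics.
# ISA entry: name -> (privileged, sensitive, state field it writes or None)
NATIVE_ISA = {
    "ADD":     (False, False, None),    # normal arithmetic
    "SET_PTB": (True,  True,  "ptb"),   # modify page table base register
    "SET_IF":  (False, True,  "intr"),  # POPF-like: sensitive but NOT privileged
}
# Same ISA with the flaw removed: every sensitive instruction is privileged.
FIXED_ISA = dict(NATIVE_ISA, SET_IF=(True, True, "intr"))

# Constructed guest kernel code: set page tables, disable interrupts, compute.
GUEST_KERNEL = [("SET_PTB", 0x1000), ("SET_IF", 0), ("ADD", 5)]


class Trap(Exception):
    """Raised when a privileged instruction is executed in user mode."""


def violations(isa):
    """Popek and Goldberg check: sensitive instructions must all be privileged."""
    return sorted(op for op, (priv, sens, _) in isa.items() if sens and not priv)


def step(state, isa, op, arg, kernel_mode):
    privileged, _, field = isa[op]
    if privileged and not kernel_mode:
        raise Trap(op)
    if field is None:
        state["acc"] += arg
    elif kernel_mode:
        state[field] = arg
    # else: unprivileged sensitive instruction in user mode is silently ignored


def run_native(isa, program):
    """Reference behaviour: the kernel runs in kernel mode on bare hardware."""
    state = {"acc": 0, "ptb": 0, "intr": 1}
    for op, arg in program:
        step(state, isa, op, arg, kernel_mode=True)
    return state


def run_trap_and_emulate(isa, program):
    """VMM runs the guest kernel in user mode and emulates whatever traps."""
    vcpu, trapped = {"acc": 0, "ptb": 0, "intr": 1}, []
    for op, arg in program:
        try:
            step(vcpu, isa, op, arg, kernel_mode=False)
        except Trap:
            trapped.append(op)
            step(vcpu, isa, op, arg, kernel_mode=True)  # VMM applies it to the virtual CPU
    return vcpu, trapped


if __name__ == "__main__":
    for name, isa in (("native", NATIVE_ISA), ("fixed", FIXED_ISA)):
        print(name, violations(isa), run_trap_and_emulate(isa, GUEST_KERNEL))
```

With the native ISA the guest believes interrupts are disabled while the virtual CPU still has them enabled, which is the divergence that binary translation, paravirtualisation and hardware assistance each work around.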
• 1st Generation: Full virtualisation (binary rewriting)
– Software based
– VMware and Microsoft
• 2nd Generation: Paravirtualisation
– Cooperative virtualisation
– Modified guest
– VMware, Xen
• 3rd Generation: Silicon-based (hardware-assisted) virtualisation
– Unmodified guest
– VMware and Xen on virtualisation-aware hardware platforms
[Figure: architecture stacks for the three generations, with the labels Dynamic Translation, Operating System, Hypervisor, Virtualisation Logic, Virtual Machine and Hardware.]
Full virtualisation
• 1st Generation offering of x86/x64 server virtualisation
• Dynamic binary translation
– The emulation layer talks to an operating system which talks to the computer hardware
– The guest OS doesn't see that it is used in an emulated environment
• All of the hardware is emulated including the CPU
• Two popular open source emulators are QEMU and Bochs
[Figure: full virtualisation stack. App. A, App. B and App. C run on a guest OS with its device drivers inside a virtual machine on emulated hardware, above the host OS with its device drivers and the hardware.]
Full virtualisation: advantages
• The emulation layer:
– Isolates VMs from the host OS and from each other
– Controls individual VM access to system resources, preventing an unstable VM from impacting system performance
• Total VM portability
– By emulating a consistent set of system hardware, VMs have the ability to transparently move between hosts with dissimilar hardware without any problems
• It is possible to run an operating system that was developed for another architecture on your own architecture
• A VM running on a Dell server can be relocated to a Hewlett-Packard server
Full virtualisation: drawbacks
• Hardware emulation comes with a performance price
• In traditional x86 architectures, OS kernels expect to run privileged code in Ring 0
– However, because Ring 0 is controlled by the host OS, VMs are forced to execute at Ring 1/3, which requires the VMM to trap and emulate instructions
• Due to these performance limitations, paravirtualisation and hardware-assisted virtualisation were developed
[Figure: privilege rings. Traditional x86 architecture: application at Ring 3, operating system at Ring 0. Full virtualisation: application at Ring 3, guest OS at Ring 1 / 3, virtual machine monitor at Ring 0.]
Para-virtualisation
• The guest OS is modified and thus runs kernel-level operations at Ring 1 (or 3)
– the guest is fully aware of how to process privileged instructions
– thus, privileged instruction translation by the VMM is no longer necessary
– The guest operating system uses a specialised API to talk to the VMM and, in this way, execute the privileged instructions
• The VMM is responsible for handling the virtualisation requests and putting them to the hardware
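[Figure: para-virtualisation stack. App. A, App. B and App. C run on a guest OS with its device drivers inside a virtual machine, which talks through a specialised API to the virtual machine monitor (hypervisor, with its device drivers) on the hardware.]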
• Today, VM guest operating systems are paravirtualised using two different approaches:
– Recompiling the OS kernel
• Paravirtualisation drivers and APIs must reside in the guest operating system kernel
• You need a modified operating system that includes this specific API, which means the operating system has to be compiled to be virtualisation aware
– Some vendors (such as Novell) have embraced paravirtualisation and have provided paravirtualised OS builds, while other vendors (such as Microsoft) have not
– Installing paravirtualised drivers
• In some operating systems it is not possible to use complete paravirtualisation, as it requires a specialised version of the operating system
• To ensure good performance in such environments, paravirtualisation can be applied for individual devices
• For example, the instructions generated by network boards or graphical interface cards can be modified before they leave the virtualised machine by using paravirtualised drivers
Hardware-assisted virtualisation
• The guest OS runs at ring 0
• The VMM uses processor extensions (such as Intel®-VT or AMD-V) to intercept and emulate privileged operations in the guest
• Hardware-assisted virtualisation removes many of the problems that make writing a VMM a challenge
• The VMM runs in a ring more privileged than ring 0: a virtual ring -1 is created
• Often called HVM
• The hypervisor/VMM runs at Ring -1
– super-privileged mode
[Figure: VMX non-root and VMX root operation.]
Hardware-assisted virtualisation
• Advantages
– It allows unmodified OSs to run (so a legacy OS can be run without problems)
• Drawbacks
– Speed and flexibility
• An unmodified OS does not know it is running in a virtualised environment, so it can’t take advantage of any of the virtualisation features
– This can be partially resolved using paravirtualisation (hybrid virtualisation approach)
System virtualisation
Purposes of the hypervisor
• CPU Virtualisation
– Handle all sensitive instructions by emulation
• Memory Virtualisation
– Allocate guest physical memory
– Translate guest virtual address to host virtual address
• I/O Virtualisation
– Emulate I/O devices for guest
– Ex: Keyboard, UART, Storage and Network
Hypervisor Case: KVM
[Figure: VM 0 and VM 1 run on a hypervisor made of QEMU and Linux + KVM, which provides CPU, MMU and I/O virtualisation on top of the hardware (CPU, MMU, I/O, timer, interrupt).]
1. CPU and memory virtualisation are handled in the Linux kernel space
2. I/O virtualisation is handled in the Linux user space by QEMU
3. It is a full virtualisation implementation
LVM
• LVM is a logical volume manager for the Linux kernel; it manages disk drives and similar mass-storage devices
• Commonly used for the following purposes:
– Managing large hard disk farms by allowing disks to be added and replaced without downtime or service disruption, in combination with hot swapping.
– On small systems (like a desktop at home), instead of having to estimate at installation time how big a partition might need to be in the future, LVM allows file systems to be easily resized later as needed.
– Performing consistent backups by taking snapshots of the logical volumes.
– Creating single logical volumes of multiple physical volumes or entire hard disks (somewhat similar to RAID 0, but more similar to JBOD), allowing for dynamic volume resizing.
• LVM can be considered as a thin software layer on top of the hard disks and partitions, which creates an abstraction of continuity and ease-of-use for managing hard drive replacement, repartitioning, and backup.
Software virtualisation
LVM: example
• Disk partition → physical volumes → volume group → logical volumes → file systems
RAID
• RAID (Redundant Array of Independent Disks) is a storage technology that combines multiple disk drive components into a logical unit.
• Data is distributed across the drives in one of several ways called "RAID levels", such as RAID0, RAID1, etc., depending on the level of redundancy and performance required.
Example: RAID0 and RAID1
• RAID0: block-level striping without parity or mirroring. It provides improved performance and additional storage but no fault tolerance.
• RAID1: mirroring without parity or striping.
LVM and RAID for Virtualisation
• LVM provides a virtual storage system that is flexible to partition and from which logical volumes can be allocated to virtual machines
• RAID not only improves storage performance but also provides fault tolerance
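The difference between the two RAID levels, as an added example that is not part of the original slides: a small in-memory model (the function names, the 4-byte block size and the sample data are constructed) that stripes or mirrors a byte string over member disks and then fails one disk.

```python
# Added example: in-memory model of RAID0 and RAID1; a failed disk is None.
BLOCK = 4  # constructed block size in bytes


def raid0_write(data, n_disks):
    """Block-level striping: block i is stored on disk i % n_disks, no redundancy."""
    disks = [[] for _ in range(n_disks)]
    for i in range(0, len(data), BLOCK):
        disks[(i // BLOCK) % n_disks].append(data[i:i + BLOCK])
    return disks


def raid0_read(disks):
    if any(d is None for d in disks):
        raise IOError("RAID0: one member failed, the whole volume is lost")
    out = []
    for row in range(max(len(d) for d in disks)):
        out.extend(d[row] for d in disks if row < len(d))
    return b"".join(out)


def raid1_write(data, n_disks):
    """Mirroring: every disk holds a full copy of the data."""
    return [bytes(data) for _ in range(n_disks)]


def raid1_read(disks):
    for d in disks:
        if d is not None:
            return d
    raise IOError("RAID1: all mirrors failed")


def usable_capacity(level, n_disks, disk_size):
    """RAID0 adds the members together; RAID1 exposes the size of one member."""
    return n_disks * disk_size if level == 0 else disk_size


def survives_single_failure(data, n_disks=2):
    """Fail disk 0 in each layout and report whether the data can still be read."""
    result = {}
    for name, write, read in (("RAID0", raid0_write, raid0_read),
                              ("RAID1", raid1_write, raid1_read)):
        disks = write(data, n_disks)
        disks[0] = None
        try:
            result[name] = read(disks) == data
        except IOError:
            result[name] = False
    return result
```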
GPU virtualisation
• Graphics Processing Units (GPUs) are high-performance many-core processors capable of very high computation and data throughput.
• While the Intel Core I7 980X (extreme edition) gives us around 110GFLOPS, GPUs such as AMD Radeon 6970 and NVidia C2090 offer more than 660GFLOPS.
[Figure: performance comparison, GPU vs. CPU.]
GPGPU (General Purpose GPU)
• The high performance of modern Graphics Processing Units may be utilised not only for graphics-related applications but also for general computing.
• Today’s GPUs are general-purpose parallel processors with support for accessible programming interfaces and industry-standard languages such as C.
• Developers who port their applications to GPUs often achieve speedups of orders of magnitude vs. optimised CPU implementations.
• GPU virtualisation allows multiple virtual machines to interact directly with a GPU and manages the GPU resources so multiple users can share common hardware, while improving user density.
Software Virtualisation
• IT administrators have a lot to deal with in today’s corporate infrastructure. With the ever-increasing prices of upgrading desktop computers, software virtualisation is becoming very appealing.
• It has the following features:
– Ease of management
– Security
– Green
– Portable
Virtual Desktop Infrastructure (VDI)
• Virtual Desktop Infrastructure (VDI) is a desktop-centric service that hosts users' desktop environments on remote servers, which are accessed over a network using a remote display protocol.
EyeOS: Web Desktop Virtualisation
• eyeOS is a web desktop following the cloud computing concept that seeks to enable collaboration and communication among users. It is mainly written in PHP, XML, and JavaScript.
Hardware Virtualisation
Intel VT-X
• New CPU Operating Mode
– VMX Root Operation
– Non-Root Operation
• New Transitions
– VM entry to Guest
– VM exit to VMM
• VM Control Structure
– Configured by VMM software
ARM virtualisation extension
• Secure world supports a single virtual machine
• New Non-secure level of privilege to hold Hypervisor
– Hypervisor mode applies to normal world
– Hyp Mode is used by the Hypervisor
– Guest OS given same kernel/user privilege structure as for a non virtualised environment
Single-Root I/O Virtualisation
• PCI-SIG specifies multiple functional elements addressing performance and security aspects of I/O virtualisation
• PCIe devices will have multiple virtual functions (VF’s)
Multi-Root I/O Virtualisation
• Multiple hardware domains utilising same IO endpoints
• Virtual functions are dedicated to virtual machines
Network Virtualisation
Software Defined Networking (SDN)
• Software Defined Networking (SDN) is an approach to building computer networks that separates and abstracts elements of these systems
• SDN decouples the system that makes decisions about where traffic is sent (the control plane) from the underlying system that forwards traffic to the selected destination (the data plane)
• The inventors and vendors of these systems claim that this technology simplifies networking and enables new applications, such as
– network virtualisation in which the control plane is separated from the data plane and implemented in a software application.
Open vSwitch
• Open vSwitch is a flexible, multi-layer software network switch. It is typically used in virtualisation environments as the network switching component in the hypervisor.
• Open vSwitch maintains the logical state of a virtual machine's network connection across physical hosts when a virtual machine is migrated, and it can be managed and monitored by standard protocols such as: OpenFlow, NetFlow, sFlow, SPAN, RSPAN.
• When it comes to virtualisation, Open vSwitch is attractive because it provides the ability for a single controller to manage your virtual network across all your servers.
InfiniBand virtualisation
• InfiniBand is a switched fabric communications link used in high-performance computing and enterprise data centers.
• It has two key features: low latency and high bandwidth
• Virtualisation Using InfiniBand Brings Big Benefits to Data Centers