Virtualization Dr. Michael L. Collard www.sdml.info/collard www.sdml.info/collard/linux collard@cs.kent.edu

Platform Virtualization Hide the physical characteristics of computer resources from the applications Not a new idea: IBM’s CP-40 1967, CP/CMS, VM Full Virtualization Simulate enough hardware so that an unmodified guest operating system can be run Provides a full “virtual machine” Scenarios: Run Linux in a virtual machine on Windows Run multiple logical servers (each with their own virtual machine) on a single physical server

Virtual Machine Monitors (VMMs) VMn App0 App1 Appn ... Guest OS0 Guest OS1 Guest OSn Virtual Machine Monitor (VMM) Platform HW Memory Processor/CS I/O Devices Source: Understanding Intel Virtualization Technology”, N. Sahgal, D. Rodgers

Challenges of Running a VMM OS and Apps in a VM don't know that the VMM exists or that they share CPU resources with other VMs VM0 VM1 VMM should isolate Guest SW stacks from one another ... ... App App App App App App Guest OS0 ... Guest OS1 VMM should run protected from all Guest software VM Monitor VMM should present a virtual platform interface to Guest SW Platform Hardware Source: Understanding Intel Virtualization Technology”, N. Sahgal, D. Rodgers

Popek & Goldberg Formal Requirements for Virtualizable Third Generation Architectures – 1974 article Virtual Machine capable of virtualizing all hardware resources, processors, memory, storage, and peripherals Virtual Machine Monitor (VMM) provides virtual machine abstraction Also referred to as hypervisor

Popek & Goldberg VMM Properties Equivalence Program running under a VMM should exhibit a behavior identical to that of running on the equivalent machine Resource Control VMM is in full control of virtualized resources Efficiency A statistically dominant fraction of machine instructions may be executed without VMM intervention

Popek & Goldberg: Instructions Privileged instructions those that trap in user mode, and only run in system mode Control-sensitive instructions those that change the resource configuration of the system Behavior-sensitive instructions behavior or results depend on the configuration of resources

Theorem 1: Virtualization Can construct a VMM if set of control-sensitive instructions is a subset of the privileged instructions All control-sensitive instructions always trap and pass control to the VMM Guarantees resource control property non-privileged instructions must be executed natively

Theorem 2: Recursive Virtualization Recursive virtualization – VMM can run on a copy of itself For an architecture, this is possible if: The architecture is virtualizable A VMM without timing dependences can be built

Non-Virtualizable Machines VMMs (under Popek & Goldberg definition) cannot be build on non-virtualizable machines Workarounds: patching – critical instructions removed and replaced with trap to VMM paravirtualization – guest o.s. is modified (e.g., IBM VM)

x86 Virtualization Before 2005: Intel VT (Virtual Technology) (IVT) x86 processor architecture did not meet Popek & Goldberg virtualization requirements Intel VT (Virtual Technology) (IVT) IA-32, IA-64, Directed I/O, DMA & interrupt remapping, Connectivity AMD-V (Pacifica) AMD Athlon 64, Turion, Opteron

Virtualization: Isolation App1 App2 App1 App2 OS OS OS HW VMM HW Source: Understanding Intel Virtualization Technology”, N. Sahgal, D. Rodgers

Virtualization: Consolidation App1 App2 App1 App2 OS1 OS2 OS1 OS2 HW1 HW2 VMM HW Source: Understanding Intel Virtualization Technology”, N. Sahgal, D. Rodgers

Virtualization: Migration App App OS OS VMM VMM VMM VMM HW1 HW2 HW1 HW2 Source: Understanding Intel Virtualization Technology”, N. Sahgal, D. Rodgers

Usages Legacy software support – Consolidation Training/QA – Consolidation Activity Partioning – Isolation Administration – Consolidation, Isolation, Migration Failover Infrastructure - Migration

Questions about a VMM What OS does it run on? Does it need an OS? What OSs does it allows as guests? Can it support a VM even if the instructions are not on the physical CPU, e.g., IA-64 VM on IA-32 machine? How much can the resources be shared between guest Oss? What tools does it provide for managing VMs?

VMWare Desktop – runs in a host OS Server VMWare Workstation (1999) – runs on PC VMWare Fusion – runs on Mac OS X VMWare Player – run, but not create images Server VMWare Server (GSX Server) –hosted on Linux or Windows VMWare ESX (ESX Server) – no host OS VMWare ESXi (ESX 3i) – freeware (July 2008)

VMWare ESX Part of VMWare Infrastructure Runs “bare-metal”, i.e., has its own vmkernel, with near native performance Guest/Host CPU: x86 (ESXi only), x86-64, AMD Guest OS: Windows, Linux Management capabilities: Move VM between servers on the fly Move VM based on host/VM load requirements/demands

Microsoft Hyper-V Viridian, Windows Server Virtualization Host CPU: x64 + IVT or AMD-V VMM runs directly on the hardware, however requires one parent partition of Windows Server 2008. Parent manages child VMs Guest OS: Windows, SUSE, Linux (?) Enlightened I/O: direct access for enabled guests

Other Xen UML (User Mode Linux) free software runs native, but with required “dom0” OS (Linux, NetBSD, Solaris), which starts other VMs UML (User Mode Linux) Run Linux in Linux Support integrated into Linux kernel

Summary Virtualization is an old approach, but new software techniques and hardware support have it becoming more visible New tools/method/processes being developed to fully utilize virtualization In the mainstream of system administration