Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software & Services Group A Primer on Virtualization 1.

Published byJillian Gaynes Modified over 9 years ago

Similar presentations

Presentation on theme: "Software & Services Group A Primer on Virtualization 1."— Presentation transcript:

1 Software & Services Group A Primer on Virtualization 1

2 Software & Services Group Agenda Westmere EP on Intel Roadmap Adv. Enc. Std: New Instructions (AES-NI) in Westmere EP Intel® Virtualization Technology – a primer –Evolution of Virtualization –Intel Virtualization Technologies –A Framework for Optimizing Virtualization – improving efficiency and scaling –Reducing Virtualization Overheads: Processor, Memory, I/O –Improving VM scaling –VMM readiness –Improving VMM security through TXT Summary Content condensed from: “ Intel® Virtualization Technology in the Enterprise ”, Rich Uhlig, Intel Fellow, IDF 2009 San Francisco USA.

3 Software & Services Group Evolution of Virtualization 3 Flexible Resource Management Basic Consolidation No Virtualization Drives Priorities: Lower VMM Overheads Richer Workloads in VMs Seamless VM Migration Power Efficiency Increased Scaling (VMs, vCPUs) Improved Reliability Host OS Host OS Host OS VMM Host OS VMM Host OS VMM Host OS VMM Host VMM Host OS

4 Software & Services Group Intel® Virtualization Technologies Intel® VT for Directed I/O Reliability and Security through device Isolation I/O performance with direct assignment Intel® VT for Connectivity NIC Enhancement with VMDq Single Root IOV support Network Performance and reduced CPU utilization Intel® I/OAT for virtualization Lower CPU Overhead and Data Acceleration Intel® VT-x Hardware assists for robust virtualization Intel® VT FlexMigration – Flexible live migration Intel® VT FlexPriority – Interrupt acceleration Intel® EPT – Memory Virtualization Network Chipset Processor Intel® VT-x Intel® VT-d Intel® VT-c

5 Software & Services Group A Framework for Optimizing Virtualization 5 Reduce overheads from virtualization Intel® VT-x Latency Reductions Extended Page Tables Virtual Processor IDs APIC Virtualization (Flex Priority) I/O Assignment via DMA Remapping Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture (Intel® VT-x) Introduce capabilities that increase scaling out across VMs Intel® Hyper-Threading Technology PAUSE-loop Exiting Network Virtualization VMM OS Host OS … 2. … and scale out across VMs 1. Reduce overhead within each VM…

6 Software & Services Group What makes VM Context Switching expensive 6 Saving-Loading privileged state Compounded by consistency checking Addressing Context changes Translation Lookaside Buffer (TLB) flushes Virtual Machine Ctl Structure (VMCS) – Maintains Guest & Host reg. state – “Backed” by host physical memory – Accessed via architectural VMREAD / VMWRITE – Enables caching of VMCS state on-die Virtual Processor IDs (VPIDs) – Tag µarch structures (TLBs) – Removes need to flush TLBs Reducing VT Latencies

7 Software & Services Group Intel ® Virtualization Technology (VT-x) VT-x® provides architected assists to allow guest OSes to run directly on hardware On Nehalem and Westmere VT-x is extended with: Extended Page Tables (EPT) Eliminates VM exits to the VMM for shadow page- table maintenance Virtual Processor IDs (VPID) Avoid flushes on VM transitions to give a lower-cost VM transition time Guest Preemption Timer -- lets a VMM preempt a guest OS Aids VMM vendors in flexibility and Quality of Service (QoS) Descriptor Table Exiting –Traps on modifications of guest DTsAllows VMM to protect a guest from internal attack Transition Latency reductions Continuing improvements in microarchitectural handling of VMM round trips

8 Software & Services Group Issues with abstracting physical memory 8 VMM CPU 0 VM 0 VM n Guest Page Tables TLB Shadow Page Tables Memory Induced VM Exits Remap Address Translation Guest OS expects contiguous, zero- based physical memory VMM must preserve this illusion Page-table Shadowing VMM intercepts paging operations Constructs copy of page tables Overheads VM exits add to execution time Shadow page tables consume significant host memory Guest Page Tables

9 Software & Services Group How Extended Page Tables help with abstracting Physical Memory 9 Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture (Intel® VT-x) Extended Page Tables (EPT) Map guest physical to host address New hardware page-table walker Performance Benefit A guest OS can modify its own page tables freely and without VM exits Memory Savings A single EPT supports entire VM: instead of a shadow pagetable per guest process

10 Software & Services Group 10 TLB CR3 PML4 PDP PDE PTE EPTPL4L3L2L1 EPTPL4L3L2L1 EPTPL4L3L2L1 EPTPL4L3L2L1 EPTPL4L3L2L1 Linear Addr Physical Addr Extended Page Table (EPT) Walk 2-level TLB reduces page-table walks VPID tags help to retain TLB entries Paging-structure caches Cache intermediate steps in walk Result: Reduce length of walks Common case: Much better than 24 steps

11 Software & Services Group Difficulties in virtualizing I/O 11 VMM VM 0 VM n 1 I/O Device Emulation Memory Storage Network Guest Device Driver Device Model Guest Device Driver Device Model 2 Para- virtualization Virtual Device Interface Traps device commands Translates DMA operations Injects virtual interrupts Software Methods I/O Device Emulation Paravirtualize Device Interface Challenges Controlling DMA and interrupts Overheads of copying I/O buffers Physical Device Driver

12 Software & Services Group Solution: DMA remapping (Intel® VT-d) 12 DMA Requests Device IDVirtual Address Length Memory Access with Host Physical Address DMA Remapping Engine Translation Cache Context Cache Fault Generation Memory-resident Partitioning & Translation Structures Device Assignment Structures Address Translation Structures Device D1 Device D2 Address Translation Structures Bus 255 Bus 0 Bus N Dev 31, Func 7 Dev P, Func 1 Dev 0, Func 0 Dev P, Func 2 4KB Page Frame 4KB Page Tables DMA Requests Device IDVirtual Address Length DMA Remapping Engine

13 Software & Services Group Intel® VT FlexPriority 13 VMM APIC-TPR access in software VM Guest OS VM Exits Fetch/decode instruction Emulate APIC-TPR behavior Thousands of cycles per exit Without Intel VT FlexPriority VM VMM APIC TPR access in HW Guest OS No VM Exits Instruction executes directly Hardware emulates APIC-TPR access No VM exit in the common case configure With Intel VT FlexPriority APIC Task Priority Register (TPR) Controls interrupt delivery through the APIC Accessed very frequently by some guest OSes

14 Software & Services Group Technologies to improve VM scaling 14 Hyper-threading Decreasing lock holder preemption impact Network virtualization with Virtual Machine Device Queues Single Root I/O Virtualization (SR-IOV)

15 Software & Services Group Reducing Lock Holder preemption impact 15 Problem: In an SMP guest, a vCPU holding a lock may get preempted Other vCPUs that attempt to acquire that lock spin for the full quantum Solution: Pause-Loop Exiting (PLE) Spin-locking code typically uses PAUSE instructions in a loop A longer than “normal” loop duration taken as a sign of lock- holder preemption When that happens, HW forces an exit into VMM VMM takes control and schedules some other vCPU spin_lock: attempt lock-acquire; if fail { PAUSE; jmp spin_lock }

16 Software & Services Group Network Virtualization: HW traffic management 16 Intel® Virtualization Technology (Intel® VT) for Connectivity (Intel® VT-c) Virtual Machine Device Queues (VMDq) Data packets grouped and sorted in HW Packets sent to their respective VMs Round-robin servicing on transmit Tests measure Wire Speed Receive (Rx) Side Performance With VMDq on Intel ® 82598 10 Gigabit Ethernet Controller Source Intel. Throughput (Gbps) 0.0 2.0 4.0 6.0 10.0 w/o VMDq 8.0 4.0 9.5 9.2 w/ VMDq w/ VMDq Jumbo Frames MAC/PHY NIC w/VMDq Layer 2 Classified Sorter Rxn Rx1 Rx2 Rx1 Rxn Rx1 Idle Tx2 Txn Idle Tx2 Txn Tx1 VM 1 (vNIC) VM 2 (vNIC) VM n (vNIC) Layer 2 Software Switch VMM LAN Rx1 Rx2 Rx1 Rxn Rx1 Rxn Rx1 Rx2 Rxn

17 Software & Services Group PCI-SIG SR-IOV Description: – PCI-SIG Single Root I/O Virtualization (SR-IOV) Standard: – Allows for I/O devices to be simultaneously shared among VMs – Virtual interfaces can be directly assigned to reduce routing overheads Benefits: – Provide near native performance due to direct connectivity – Allows direct VM control of I/O virtual functions Requirements: – Intel VT-d as the core platform ingredient – BIOS support of SR-IOV

18 Software & Services Group Westmere: Trusted Execution Technology (TXT) Server Extensions TXT uses features in processor, chipset and TPM to enable more secure platforms TXT works through measurement, memory locking and sealing secrets TXT helps prevent software attacks – such as, attempts to insert rogue VMM (rootkit hypervisor) – and, reset-attacks that are designed to compromise platform secrets in memory – and, BIOS and firmware update attacks Processor Chipset VT Processor TPM Helps prevent hijacking by rootkit TXT technology incorporates multiple components TXT Makes Platforms More Robust Against SW-based Attacks Platform hardware with VT-x support Rootkit Hypervisor VMM Guest VM

19 Software & Services Group Intel VT Features/VMM Support FeatureVMware ESXMicrosoft Hyper-V Xen OSSRed Hat (RHEL) KVMNovell (SLES) Min Rev DateMin Rev DateMin Rev DateMin Rev DateRevDateMin Rev Date Processor (VT-x)Min Rev for Nehalem 3.5U4NowWin Svr ’08 NowAnyNowAnyNowAny Recent NowAnyNow FlexPriority3.5U4NowWin Svr ’08 Now3.1Now5.2Now2.6.24Now10 SP1 Now FlexMigration3.5U4NowWin Svr ’08 2 Now3.3NowTBD EPT + VPID4.0NowWin Svr ’08 R2 1H’103.3Now5.3Now2.6.26Now10 SP2 Now Chipset (VT-d)VT-d24.0NowTBD 3.3Now5.4Q3’092.6.31Now11Now Network (VT-c) SR-IOVTBD 3.4 1 Now 3 TBD VMDq3.5U4NowWin Svr ’08 R2 1H’10TBD Power Mgmt (S, P, C, T States) 4.0Now1.0 (S- state TBD) Now3.3NowTBD 11Now SSE 4.24.0NowTBD AnyNowAnyNowAnyNow Turbo4.0Now1.0NowAnyNowAnyNowAnyNow HT (SMT)3.5U4Now1.0NowAnyNowAnyNowAnyNow PWR Other 1 Requires other ecosystem support 2 Product allows capability but robustness improvements in future releases 3 PCI-SIG SR-IOV standard is supported now Notes: Table is based on latest information as of: VT-c : July 09; VT-x and VT-d: May 09 and subject to change; Please contact vendors directly for unreleased products Virtualization

20 Software & Services Group 20

Download ppt "Software & Services Group A Primer on Virtualization 1."

Similar presentations

Hardware-assisted Virtualization

Hardware-assisted Virtualization
虛擬化技術 Virtualization Technique

虛擬化技術 Virtualization Technique
Virtualization Dr. Michael L. Collard

Virtualization Dr. Michael L. Collard
Virtualization Technology

Virtualization Technology
Hardware Assisted Virtualization

Hardware Assisted Virtualization
Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,

Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,
Virtualization and Cloud Computing

Virtualization and Cloud Computing
NoHype: Virtualized Cloud Infrastructure without the Virtualization Eric Keller, Jakub Szefer, Jennifer Rexford, Ruby Lee ISCA 2010 Princeton University.

NoHype: Virtualized Cloud Infrastructure without the Virtualization Eric Keller, Jakub Szefer, Jennifer Rexford, Ruby Lee ISCA 2010 Princeton University.
G22.3250-001 Robert Grimm New York University Disco.

G Robert Grimm New York University Disco.
Xen and the Art of Virtualization A paper from the University of Cambridge, presented by Charlie Schluting For CS533 at Portland State University.

Xen and the Art of Virtualization A paper from the University of Cambridge, presented by Charlie Schluting For CS533 at Portland State University.
Disco Running Commodity Operating Systems on Scalable Multiprocessors.

Disco Running Commodity Operating Systems on Scalable Multiprocessors.
1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.

1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.
1 OS & Computer Architecture Modern OS Functionality (brief review) Architecture Basics Hardware Support for OS Features.

1 OS & Computer Architecture Modern OS Functionality (brief review) Architecture Basics Hardware Support for OS Features.
Virtual Machines. Virtualization Virtualization deals with “extending or replacing an existing interface so as to mimic the behavior of another system”

Virtual Machines. Virtualization Virtualization deals with “extending or replacing an existing interface so as to mimic the behavior of another system”
Virtualization for Cloud Computing

Virtualization for Cloud Computing
Windows Server Scalability And Virtualized I/O Fabric For Blade Server

Windows Server Scalability And Virtualized I/O Fabric For Blade Server
Xen and the Art of Virtualization. Introduction  Challenges to build virtual machines Performance isolation  Scheduling priority  Memory demand  Network.

Xen and the Art of Virtualization. Introduction  Challenges to build virtual machines Performance isolation  Scheduling priority  Memory demand  Network.
虛擬化技術 Virtualization and Virtual Machines

虛擬化技術 Virtualization and Virtual Machines
Tanenbaum 8.3 See references

Tanenbaum 8.3 See references
A Comparison of Software and Hardware Techniques for x86 Virtualization Keith Adams Ole Agesen Oct. 23, 2006.

A Comparison of Software and Hardware Techniques for x86 Virtualization Keith Adams Ole Agesen Oct. 23, 2006.

Similar presentations

Ads by Google