Module 2- Virtualization
Virtualization
• Virtualization is the creation of a virtual rather
than actual version of something, such as an
operating system, a server, a storage device or
network resources
• One of the fundamental Concepts of Cloud
Computing
What is Virtualization?
Why are virtualized environments so
popular today?
– Increased performance and computing capacity
  ● PCs have immense computing power.
– Underutilized hardware and software resources
  ● Limited use of increased performance & computing capacity.
– Lack of space
  ● Continuous need for additional capacity.
– Greening initiatives
  ● Reduce carbon footprints.
  ● Reducing the number of servers reduces power consumption.
– Rise of administrative costs
  ● Power and cooling costs are higher than those of IT equipment.
Virtualized Environments
• Virtualization is a method of logically dividing
the system resources between different
applications
• Application Virtualization
• Desktop Virtualization
• Server Virtualization
• Network Virtualization
• Storage Virtualization
Levels of virtualization (figure):
• Applications: application-level virtualization
• Programming languages (execution stack): programming language-level virtualization
• Operating systems: OS-level virtualization
• Hardware: hardware-level virtualization
● Three major components of Virtualized Environments
– Guest – system component that interacts with the Virtualization Layer.
– Host – original environment where the guest runs.
– Virtualization Layer – recreates the same or a different environment where the guest will run.
[Figure: Virtualization Reference Model. Guest (virtual image, applications) runs on virtual hardware, virtual storage and virtual networking; these are provided by the virtualization layer (software emulation) on top of the host's physical hardware, physical storage and physical networking.]
Characteristics of VE
• Increased Security
• Managed Execution
- Sharing
- Aggregation
- Emulation
- Isolation
• Portability
Increased Security
– Ability to control the execution of a guest
– Guest is executed in emulated environment.
– Virtual Machine Manager controls and filters the activity of the guest.
– Hiding of resources.
– Having no effect on other users/guest
environment.
Managed Execution types
– Sharing
  ● Creating separate computing environments within the same host.
  ● Underlying host is fully utilized.
– Aggregation
  ● A group of separate hosts can be tied together and represented as a single virtual host.
– Emulation
  ● Controlling & tuning the environment exposed to the guest.
– Isolation
  ● Completely separate environment for guests.
Managed Execution
Portability
– Safely moved and executed on top of different virtual machines.
– Application development cycle is more flexible and application deployment very straightforward.
– Availability of system is with you.
Taxonomy of Virtualization Techniques
• Virtualization is mainly used to emulate execution environments, storage and networks.
• Execution environment virtualization is classified into two types:
– Process-level – implemented on top of an existing operating system.
– System-level – implemented directly on hardware, requiring no or only minimal support from an existing operating system.
Taxonomy of virtualization
Execution Virtualization
● It defines the interfaces between the levels of abstraction, which hide implementation details.
● Virtualization techniques actually replace one of the layers and intercept the calls that are directed towards it.
Machine Reference Model
● Hardware is expressed in terms of the Instruction Set Architecture (ISA).
– ISA for processor, registers, memory and interrupt management.
● Application Binary Interface (ABI) separates the OS layer from the applications and libraries, which are managed by the OS.
– System calls defined
– Allows portability of applications and libraries across OSs.
Machine Reference Model [Cont.]
● API – it interfaces applications to libraries and/or the underlying OS.
● Layered approach simplifies the development and implementation of computing systems.
● ISA has been divided into two security classes:
– Privileged Instructions
– Nonprivileged Instructions
ISA: Security Classes
● Nonprivileged instructions
– Can be used without interfering with other tasks because they do not access shared resources. Ex. arithmetic, floating and fixed point.
● Privileged instructions
– Executed under specific restrictions and mostly used for sensitive operations, which expose (behavior-sensitive) or modify (control-sensitive) the privileged state.
  ● Behavior-sensitive – operate on the I/O
  ● Control-sensitive – alter the state of the CPU registers.
Privileged Hierarchy:
Security Ring
● Ring 0 is the most privileged level, used by the kernel.
● Rings 1 & 2 are used by the OS-level services.
● Ring 3 is the least privileged level, used by the user.
● Recent systems support two levels:
– Ring 0 – supervisor mode
– Ring 3 – user mode
Hardware-level virtualization
● It is a virtualization technique that provides an abstract execution environment in terms of computer hardware, on top of which a guest OS can be run.
● It is also called system virtualization.
Hardware-level virtualization
Hypervisor
● Hypervisor runs above the supervisor mode.
● It runs in supervisor mode.
● It recreates a h/w environment.
● It is a piece of s/w that enables us to run one or more VMs on a physical server (host).
● Two major types of hypervisor
– Type-I
– Type-II
Type-I Hypervisor
● It runs directly on top of the hardware.
● Takes the place of the OS.
● Interacts directly with the ISA exposed by the underlying hardware.
● Also known as native virtual machine.
Type-II Hypervisor
● It requires the support of an operating system to provide virtualization services.
● Programs managed by the OS.
● Emulates the ISA of virtual h/w.
● Also called hosted virtual machine.
Virtual Machine Manager (VMM)
● Main modules:
– Dispatcher
  ● Entry point of the VMM
  ● Reroutes the instructions issued by the VM instance.
– Allocator
  ● Decides the system resources to be provided to the VM.
  ● Invoked by the dispatcher
– Interpreter
  ● Consists of interpreter routines
  ● Executed whenever a VM executes a privileged instruction.
  ● A trap is triggered and the corresponding routine is executed.
Virtual Machine Manager (VMM)
Criteria of VMM
● Equivalence – same behavior as when it is executed directly on the physical host.
● Resource control – it should be in complete control of virtualized resources.
● Efficiency – a statistically dominant fraction of the machine instructions should be executed without intervention from the VMM.
Theorems
● Popek and Goldberg provided a classification of the instruction set and proposed three theorems that define the properties that hardware instructions need to satisfy in order to efficiently support virtualization.
● Classification of the instruction set:
– Privileged instructions
  ● Trap if the processor is in user mode
– Control-sensitive instructions
Theorems-1
● Theorem 1
– For any conventional third-generation computer, a VMM may be constructed if the set of sensitive instructions for that computer is a subset of the set of privileged instructions.
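The VMM modules and Theorem 1 above, shown together as an added example that is not part of the original slides: a toy trap-and-emulate VMM with a dispatcher, allocator and interpreter, run against two variants of a constructed ISA. The instruction names, the 4-frame quota and the guest program are assumptions made for illustration.

```python
# Toy trap-and-emulate VMM over a constructed four-instruction ISA (not a real CPU).
SENSITIVE = {"LOAD_PT", "HALT", "READ_MODE"}   # read or change privileged state

def virtualizable(sensitive, privileged):
    """Theorem 1 condition: every sensitive instruction traps in user mode."""
    return sensitive <= privileged

class VMM:
    def __init__(self):
        self.page_table, self.halted, self.traps = {}, set(), []

    def dispatch(self, vm, op, arg):
        """Dispatcher: entry point of the VMM, reached only through a trap."""
        self.traps.append(op)
        return self.allocate(vm, arg) if op == "LOAD_PT" else self.interpret(vm, op)

    def allocate(self, vm, frames):
        """Allocator: decides which resources the VM really receives."""
        self.page_table[vm] = [f for f in frames if f < 4]  # assumed 4-frame quota
        return len(self.page_table[vm])

    def interpret(self, vm, op):
        """Interpreter: emulates the instruction against the VM's virtual state."""
        if op == "HALT":
            self.halted.add(vm)          # stops this guest only, not the host CPU
            return None
        if op == "READ_MODE":
            return "supervisor"          # the mode the guest kernel expects to see
        raise ValueError(f"no routine for {op}")

def run_guest(vmm, vm, program, privileged):
    """The hardware runs the guest in user mode; privileged instructions trap."""
    out = []
    for op, arg in program:
        if vm in vmm.halted:
            break
        if op in privileged:
            out.append(vmm.dispatch(vm, op, arg))
        elif op == "ADD":
            out.append(sum(arg))         # non-privileged: executed directly
        elif op == "READ_MODE":
            out.append("user")           # sensitive but untrapped: real mode leaks
        else:
            raise ValueError(f"{op} ran without a trap")
    return out

# Constructed guest kernel code.
PROGRAM = [("ADD", (2, 3)), ("READ_MODE", None), ("LOAD_PT", [1, 2, 9]),
           ("HALT", None), ("ADD", (1, 1))]
```

When `READ_MODE` is left out of the privileged set, the guest kernel reads `"user"` and the VMM never sees the instruction, so the equivalence criterion is broken even though resource control still holds.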
Theorems
● Theorem 2
– A conventional third-generation computer is recursively virtualizable if:
  ● It is virtualizable and
  ● A VMM without any timing dependencies can be constructed for it.
Theorems
● Theorem 3
– A hybrid VMM may be constructed for any third-generation machine in which the set of user-sensitive instructions is a subset of the set of privileged instructions.
– In HVM, more instructions are interpreted rather than being executed directly.
Hardware virtualization Techniques
● Only one set of CPUs is installed on the host, but each VM that runs on the host requires its own CPU.
● This means the CPU needs to be virtualized, which is done by the hypervisor.
● Hardware-assisted virtualization
– The hardware provides architectural support for building a VMM able to run a guest OS in complete isolation.
– Intel VT and AMD-V extensions.
– Early products used binary translation to trap some sensitive instructions and provide an emulated version.
● Full virtualization
– Ability to run a program (OS) directly on top of a virtual machine, without any modification.
– VMM requires complete emulation of the entire underlying h/w.
– Advantages
  ● Complete isolation
  ● Enhanced security
  ● Ease of emulation of different architectures and coexistence
– Key challenge is interception of privileged instructions
● Paravirtualization
– Non-transparent virtualization
– Thin VMM
– Exposes a software interface to the virtual machine that is slightly modified from the host.
– Guest OS needs to be modified.
– Simply transfers the execution of instructions that are hard to virtualize directly to the host.
● Partial virtualization
– Partial emulation of the underlying hardware
– Does not allow complete isolation of the guest OS.
– Address space virtualization is a common feature of contemporary operating systems.
– Address space virtualization is used in time-sharing systems.
Operating system-level virtualization
● It offers the opportunity to create different and separated execution environments for applications that are managed concurrently.
● No VMM or hypervisor
● Virtualization is within a single OS
● OS kernel allows for multiple isolated user space instances
● Good for server consolidation.
● Ex. chroot, Jails, OpenVZ etc.
Programming language-level
virtualization
● It is mostly used to achieve ease of deployment of applications, managed execution and portability across different platforms and OSs.
● It consists of a virtual machine executing the byte code of a program, which is the result of the compilation process.
● Produces a binary format representing the machine code for an abstract architecture.
● Example
– Java platform – Java virtual machine (JVM)
– .NET provides Common Language Infrastructure (CLI)
● They are stack-based virtual machines
Advantage of programming/process-
level VM
● Provide uniform execution environment across different platforms.
● This simplifies the development and deployment efforts.
● Allow more control over the execution of programs.
● Security, by filtering the I/O operations
● Easy support for sandboxing
Application-level virtualization
● It is a technique allowing applications to run in runtime environments that do not natively support all the features required by such applications.
● In this, applications are not installed in the expected runtime environment.
● This technique is most concerned with:
– Partial file system
– Libraries
– Operating System component emulation
Strategies for Implementation
Application-Level Virtualization
● Two techniques:
– Interpretation
  ● Every source instruction is interpreted by an emulator that executes native ISA instructions.
  ● Minimal start-up cost but huge overhead.
– Binary translation
  ● Every source instruction is converted to native instructions with equivalent functions.
  ● Blocks of instructions are translated, cached and reused.
  ● Large overhead cost, but over time it is subject to better performance.
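The trade-off between the two techniques, as an added example that is not part of the original slides: the same constructed block is run through an interpreter and through a translator with a translation cache, counting how often instructions are decoded. The three-opcode ISA, the block and the address 0x40 are assumptions; the cache key includes the block contents so that rewritten code at the same address is retranslated instead of running a stale translation.

```python
# Constructed source ISA: (opcode, operand) pairs acting on one accumulator.
BLOCK = [("ADD", 5), ("MUL", 3), ("SUB", 1)]   # constructed basic block

def decode(instr, stats):
    """Turn one source instruction into a native operation (a Python callable)."""
    stats["decoded"] += 1                      # decoding is the costly step
    op, k = instr
    if op == "ADD":
        return lambda acc: acc + k
    if op == "MUL":
        return lambda acc: acc * k
    if op == "SUB":
        return lambda acc: acc - k
    raise ValueError(f"unknown opcode {op}")

def interpret(block, acc, runs):
    """Interpretation: every instruction is decoded again on every execution."""
    stats = {"decoded": 0}
    for _ in range(runs):
        for instr in block:
            acc = decode(instr, stats)(acc)
    return acc, stats

class Translator:
    """Binary translation: translate a block once, cache it, reuse it."""
    def __init__(self):
        self.cache = {}
        self.stats = {"decoded": 0, "hits": 0}

    def run(self, addr, block, acc):
        key = (addr, tuple(block))             # content in the key: rewritten code
        native = self.cache.get(key)           # at the same address is retranslated
        if native is None:
            native = [decode(i, self.stats) for i in block]   # up-front cost
            self.cache[key] = native
        else:
            self.stats["hits"] += 1
        for fn in native:
            acc = fn(acc)
        return acc

def translate_and_run(block, acc, runs, addr=0x40):
    t = Translator()
    for _ in range(runs):
        acc = t.run(addr, block, acc)
    return acc, t.stats

if __name__ == "__main__":
    print(interpret(BLOCK, 0, 1000)[1], translate_and_run(BLOCK, 0, 1000)[1])
```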
Types: Storage Virtualization
● It allows decoupling the physical organization of the h/w from its logical representation.
● Uses network-based virtualization known as storage area network (SAN).
Network Virtualization
● It combines h/w appliances and specific software for the creation and management of a virtual n/w.
● It can aggregate different physical networks into a single logical network.
Application Server Virtualization
• Application server virtualization abstracts a
collection of application servers that provide
the same service as a single virtual application
server
• Providing better quality of service rather than
emulating a different environment
Virtualization and cloud computing
• Virtualization plays an important role in cloud
computing
• Virtualization technologies are primarily used
to offer configurable computing environments
and storage.
• Hardware virtualization is an enabling factor
for solutions in the (IaaS) market segment
• Programming language virtualization is a technology leveraged in (PaaS) offerings.
Server consolidation and virtual machine migration
Pros and cons of virtualization
• Advantages of Virtualization
Reduced spending
Sandbox
Portability
Efficient use of resources.
Easier backup and disaster recovery
Better business continuity
More efficient IT operations
Pros and cons of virtualization
• Disadvantages of Virtualization
Upfront costs.
Software licensing considerations
Possible learning curve
Performance degradation
Inefficiency and degraded user experience
Security holes and new threats
Technology examples
• Xen: paravirtualization
• VMware: full virtualization
• Microsoft Hyper-V
Xen: paravirtualization
• Xen is an open-source initiative
• Developed by a group of researchers at the
University of Cambridge
• XenSource.
• Desktop virtualization or server
virtualization
• Xen Cloud Platform (XCP)
• https://www.xenproject.org/
Xen architecture and guest OS management.
VMware: Full Virtualization
• Underlying hardware is replicated and made available to the guest operating system
• VMware implements full virtualization in the Desktop and Server Environments
• Type II hypervisor in Desktop environments
• Type I hypervisor in Server Environment
• Direct Execution
• Binary Translation
A full virtualization reference model.
Virtualization solutions by VMware
• End-user (desktop) virtualization
VMware workstation architecture.
Virtualization solutions by VMware
• Server virtualization
• VMware GSX
• VMware ESXi
VMware GSX server architecture.
VMware ESXi server architecture.
Virtualization solutions by VMware
• Infrastructure virtualization and cloud
computing solutions
• VMware provides a set of products covering
the entire stack of cloud computing,
VMware Cloud Solution stack.
Microsoft Hyper-V: Server
Virtualization
• formerly known as Windows
Server Virtualization
• support a variety of guest operating systems.
Microsoft Hyper-V architecture.