L3 - Virtualization 1/2

Question 1

VMM

Answer 1

Virtual Machine Manager (VMM) = hypervisor =
a type of software that allows multiple virtual machines (VMs) to run on a single physical machine. It creates a layer of abstraction between the physical hardware and the virtual machines, allowing multiple operating systems to run on the same physical hardware. Hypervisors are also referred to as virtual machine managers (VMM) or simply virtualizers.

Question 2

What is virtualization?

Answer 2

Computer architecture technology by which multiple VMs are multiplexed in the same hardware.

Question 3

3 objectives of virtualization

Answer 3

1. enhance the resource sharing by many users simultaneously
2. replace and upgrade hardware on the fly
3. reduce downtime

Question 4

Two modes of operating systems

Answer 4

kernel mode and user mode

Question 5

What is the kernel mode?

Answer 5

• OS allows all CPU instructions to execute on the underlying hardware
• Kernel mode does not execute in the user mode
• Kernel processes run in the kernel mode with the superuser privilege

Question 6

What is the user mode?

Answer 6

• OS allows only a few instructions to be executed
• if the user applications have to execute the privileged instructions then the applications ask kernels to do the work
• user applications can’t open files, send network packets, print to screen

Question 7

Two distinct areas of memory

Answer 7

• user space
• kernel space

Question 8

What is the user space?

Answer 8

• Set of locations where normal user processes run (everything other than the kernel)
• memory area where application software and some drivers execute

Question 9

What is the kernel space?

Answer 9

• location where the code of the kernel is stored and executes under
• restricted for running privileged OS kernel

Question 10

How many rings are there and which one is the most privileged ring?

Answer 10

There are rings 0,1,2,3 and ring 0 is the most privileged ring

Question 11

What are the 4 rings?

Answer 11

Ring 0: kernel mode
Ring 1: Hypervisor
Ring 2: drivers
Ring 3: applications

Question 12

What is Ring 2 in detail? (internet)

Answer 12

Drivers in ring 2 are typically used for managing peripheral devices such as disk drives, network interfaces, and other hardware. These drivers are responsible for communicating with the hardware, managing the data transfer between the hardware and the operating system, and providing a standard interface for applications to access the hardware.

Question 13

What are the 4 processes that the OS does?

Answer 13

• process management (start, run, stop)
• memory management (allocate, deallocate)
• file management (open, close, modify, read, rename, create)
• network management (scheduling, timing)

Question 14

What is a system call?

Answer 14

In user mode, the user applications initiate a system call to get OS-related services. The system call is a user space request of a kernel service.

Question 15

Is a system call more expensive than a normal instruction?

Answer 15

Yes. It takes around 242 cycles.

Question 16

What is a machine cycle?

Answer 16

Consists of the steps that a computer’s processor executes whenever it receives a machine language instruction.

Question 17

3 types of virtualization

Answer 17

• Full-Virtualization (Software Assisted; Hardware Assisted: Type 1, Type 2)
• Para-Virtualization
• OS-level Virtualization

Question 18

Software Assisted Full Virtualization

Answer 18

Software-assisted full virtualization uses binary translation when trapping and virtualizing the execution of instruction sets. The binary translation also emulates the hardware by utilizing software instruction sets.

Question 19

Hardware-Assisted Full Virtualization

Answer 19

Hardware-assisted virtualization eliminates the need for binary translation. Privileged instructions can be executed directly on the processor.

Type 1 Hypervisor – also known as the bare-metal hypervisor type
Type 2 Hypervisor – also known as the hosted hypervisor type

Question 20

What is a bare-metal hypervisor?

Answer 20

Type 1 Hypervisor

When a hypervisor is installed directly on the hardware of a physical machine, between the hardware and the operating system (OS).

Question 21

Examples of bare-metal hypervisors

Answer 21

Hyper-v, VMware ESX/ESXi, Xen

Question 22

Advantages of bare-metal hypervisors

Answer 22

Since there is no software of the operating system between the two, Type 1 can provide excellent stability and performance.

https://goabacus.com/three-types-of-server-virtualization-explained/#:~:text=This%20type%20of%20full%20virtualization,physical%20server%20and%20its%20hardware.

Question 23

Challenges of bare-metal hypervisors?

Answer 23

• Isolation at the cost of size of the VM
• large VM of (800mb) –> challenge for scalability & migration, which is slower

Question 24

What is hosted virtualization?

Answer 24

Type 2 Hypervisor

On top of host OS. Guest OS runs on VMM.

Question 25

Examples of hosted virtualization

Answer 25

VMware workstation, VMware fusion, Oracle Virtualbox

Question 26

Advantages of hosted virtualization?

Answer 26

• resource requirements are low
• high scalability (not many MB per machine) -> easy migration from one machine to another
• multiple VMs can share a single machine/cluster

Question 27

OS-level virtualization

Answer 27

OS-level virtualization doesn’t use a hypervisor and doesn’t apply a host-guest paradigm. Instead, it utilizes a process called “containerization” which creates multiple user-space instances (containers or virtual environments) through a kernel in the OS.

• containers running on top of the OS kernel
• in the container, you can only run the OS that has the same kernel

Question 28

Benefits of OS-level virtualization

Answer 28

• effective concerning software migration ( all the containers run on the same kernel)
• best for backup and recovery services

Question 29

What is full virtualization?

Answer 29

In the full virtualization technique, the hypervisor completely simulates the underlying hardware. In full virtualization, the guest OS is unaware that it’s being virtualized.

Question 30

What is a trap?

Answer 30

trap = localized exception which occurs when the guest OS does not have the privileges to run an instruction

Question 31

What happens when several guest OSs execute privileged instructions to a single hardware?

Answer 31

• The Guest OSs are not able to execute privilege instructions to the hardware directly because they are not in ring 0
• The VMM is in between and coordinates the requests
• Every privilege instruction is trapped (it requires a s/w (software) interrupt) due to the execution in the less privileged ring
  the VMM intercepts such traps and emulates the instruction on the fly

Question 32

What is a binary translator?

Answer 32

VMware implemented a binary translator which overrides privileged instructions. The instructions can now go directly to the hypervisor

Question 33

What is I/O in computing?

Answer 33

the communication between an information processing system, such as a computer, and the outside world,

Question 34

IOV

Answer 34

Input/Output Virtualization (IOV) is a technology that allows multiple physical devices (e.g. network interfaces) to be shared among multiple virtual machines (VMs)

Question 35

Impact of system calls

Answer 35

a binary translated system call with the 32-bit guest OS (e.g. Windows or Linux) running on ring 1 takes around 2300 cycles

• because CPU issues fault messages for every system call. They are later translated and executed

Question 36

Impact of Memory Virtualization

Answer 36

• is a memory management technique
  maps programs’ memory addresses (virtual addresses) to the underlying physical machine memory

Question 37

Advantages of memory virtualization

Answer 37

• increased security
• isolation
• freeing applications
• reduce system crashes

Question 38

How are memory addresses mapped in full virtualization?

Answer 38

• program’s memory addresses (virtual addresses of VMs) are mapped to virtual physical memory and then to physical memory (machine memory)
• it is a 2 stage mapping process for any guest OS –> Guest OS cannot directly access the machine memory
• VMM does the mapping based on a shadow page table

Question 39

Disadvantages of full virtualization

Answer 39

• mapping by VMM of memory addresses takes 3 to 400 times more cycles than the native situation
• trapping and binary writing
• One disadvantage of full virtualization is that it can be resource-intensive, as each VM requires its own copy of the operating system and associated resources.

Question 40

Advantages of full virtualization

Answer 40

The advantage of this approach is that it allows multiple VMs to run on a single physical machine, each with its own operating system and resources.
- Allows running the unmodified OS.

Question 41

What is para virtualization?

Answer 41

• now the hypervisor has a less critical role
• the guest OS needs to be modified at the source code level –> runtime changes are avoided (no need for trapping and binary writing)
• performance is comparatively good
• hypervisor performs hypercalls to accommodate critical kernel operations

The guest systems are aware of each other’s presence and they all work as one entire unit.

Question 42

What are hypercalls?

Answer 42

They allow the guest OS to communicate with the hypervisor

Question 43

What is Hardware-assisted virtualization

Answer 43

• idea is to quickly identify the privilege instructions and to efficiently execute them
• in order to do so a high priority layer is added to the hardware level
• VMM works at this level and guest OS could operate at Ring 0
• highly portable as the hypervisor can run an unmodified guest OS