VL 3 Flashcards
(36 cards)
What is virtualization?
Computer architecture technology by which multiple virtual machines are multiplexed in the same hardware (access same hardware)
Creating resources in a layer abstracted from real hardware
Objectives of virtualization
Resource sharing by many users at a time
Replace and upgrade hardware on the fly
Add new devices without reboot
Reduce down time
Offer administrative tasks (installing software) at runtime
Faster provisioning of multiple machines
Modes of operation
Kernel mode: OS allows all CPU instructions to execute on the underlying hardware
Kernel code does not execute in user mode
User mode: OS allows only a few instructions to be executed
If user apps have to execute privileged instructions, applications ask kernels to do the work
System calls and CPUs
OS does:
Process Management, Memory Management, File Management, Network Management, Scheduling, Timing
How many cycles does a system call take?
Around 242
Hypervisor: Bare Metal Virtualization
Guest Applications Ring 3
Guest OSs Ring 1
—————
VMM Ring 0
Hardware
Hypervisor: Hosted Virtualization
Hypervisor (VMM) is loaded on top of OS.
Guest OS runs on hosted Hypervisors.
Parallels, Oracle VirtualBox
Guest OS
VMM
—————
Host OS (Linux, macOS)
Hardware
Implementation: Full virtualization
Guest OS is not modified
Guest OS Ring 1
———————
VMM Ring 0
Hardware
What happens if privileged instructions are executed in Full Virtualization?
They are trapped due to execution in less privileged ring.
VMM intercepts such traps and emulates instruction on the fly
Impact of system calls
A binary-translated system call with a 32-bit guest OS running on ring 1 takes around 2300 cycles
Reason: CPU issues fault message for every system call. Later, they were translated and executed
Impact of I/O Virtualization
Bigger issue compared to CPU virtualization.
CPU could be added by replacing dual core CPU to quad cores
But memory bandwidth or data path or I/O chipset could not be easily modified/upgraded in a computing machine.
All guest OS should wait for physical I/O
Impact of memory virtualization
Was introduced to reduce system crash
Memory management technique: maps a program's memory addresses to the underlying physical machine memory
Adv: increased security; isolation; freeing applications
Mapping in memory virtualization in VM
A program's memory addresses are mapped to virtual physical memory and then to physical memory => 2-stage mapping process for any guest OS
GuestOS machine memory access, memory virtualization
Cannot directly access, VMM does mapping of addresses
The page table in VMM is called shadow page table
Implementation: Para Virtualization
Guest OS needs to be modified at the source code level
Why not normal OS from Internet? Privileged instructions go directly to Hypervisor, because OS instructions are already translated in OS
Hypervisor provides interfaces to accommodate critical kernel operations like memory management
Why is performance good in Para Virtualization?
Because it avoids unnecessary trapping of critical instructions
Purpose of Hardware-assisted virtualization
Quickly identify the privileged instructions and efficiently execute them
=> one more high priority level VMX Root mode for VMM
Guest OS: ring 0
Bare metal Virtualization: pros and cons
Bare metal can be slower
Resources requirements are comparatively low
High scalability
Multiple VMs can share a single machine/cluster
In cloud, 1000s of VMs are required
=> hosted virtualization is a better solution in terms of scalability
Hosted virtualization - OS level. How can it be built?
VMM is not on top of Host OS
Built with namespaces and cgroups
Linux Namespaces
Used to limit the views
Wrap a group of resources
Kinds of namespaces
PID namespace: create another set of PID from PID 1 for that specific namespace
Cgroup namespace: offers new views to root directories for processes, isolates and manages resources
Network namespace: offers new view for network resources
Cgroups - control groups
Limits application to a specific set of resources
Provides mechanism for aggregating/partitioning set of tasks
Types of cgroups
Memory
CPU
Devices
Memory cgroup
Memory resource controller
Creates a cgroup with a limited amount of memory
Features:
Accounting: how many memory pages are utilized by a specific group of running processes?
Limiting: soft limit: memory allotted if available
Hard limit: memory is not allotted to group if tasks