OS Virtualization

Tanenbaum 8.3
See references
Outline
• What is Virtualization?
• Why would we want it?
• Why is it hard?
• How do we do it?
• Choices
cs431-cotter
What is Virtualization?
• OS virtualization
– Create a platform that emulates a hardware
platform and allow multiple instances of an
OS to use that platform, as though they have
full and exclusive access to the underlying
hardware
What is Virtualization?
[Diagram: four stacks, each with Applications over a guest OS (OS 1 to OS 4), all running on a Virtualization Platform, which runs on the Hardware.]
Virtualization – Why?
• Server Consolidation
– Often many servers support 1 major application
– Strong isolation between VMs
– Virtualization saves on hardware & energy
• Disaster Recovery
• High Availability
• Testing and Deployment
Virtualization – Why?
• Desktop Consolidation
– Support for legacy applications
– Software Development
– Training
The Problem
• OS uses kernel mode / user mode to
protect the OS.
– System calls (privileged instructions) generate
a trap (software interrupt) that forces a switch
to kernel mode
– These calls trigger sensitive instructions (I/O,
MMU control, etc.) that must only be executed
by the kernel
The Problem
• If our VM now runs in user space, we
cannot run sensitive instructions in it, since
those must trap to kernel space.
• Solved in 2005 with new CPUs
– Intel Core 2 – VT (Virtualization Technology)
– AMD Pacifica – SVM (Secure Virtual Machine)
– Provides new instructions that allow VM to
capture traps
Implementation
• Type 1 Hypervisor
• Type 2 Hypervisor
• Paravirtualization
Type 1 Hypervisor
• Runs on “bare metal”
• Virtual machines run in user mode
– VM runs the guest OS (which thinks it is
running in kernel mode) – Virtual kernel Mode
– If guest OS calls sensitive instructions,
hypervisor will trap and execute the
instructions.
– If application on guest OS calls sensitive
instructions (system calls), hypervisor traps to
guest OS.
Type 1 Hypervisors
Figure 8-26. When the operating system in a virtual machine
executes a kernel-only instruction, it traps to the hypervisor if
virtualization technology is present.
Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639
Type 2 Hypervisor
• Runs from within an OS.
• Supports guest OSs above it.
– Boot from CD to load new OS
– Read in code, looking for basic blocks
– Then inspect basic block to find sensitive instructions.
If found, replace with VM call (process called binary
translation)
– Then, cache block and execute.
– Eventually all basic blocks will be modified and
cached, and will run at near native speed.
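
The binary-translation steps above, as an added example in C that is not part of the original slides: each basic block is scanned once, every sensitive instruction is rewritten into a VM call, and the result is cached for later runs. The one-byte instruction set, the opcode values and the function names are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy one-byte instruction set, constructed for this example. */
enum { OP_ADD = 0x01, OP_LOAD = 0x02, OP_JMP = 0x10, OP_RET = 0x11,
       OP_OUT = 0xE0, OP_SETMMU = 0xE1,   /* sensitive: I/O, MMU control */
       OP_VMCALL = 0xF0 };                /* the translator's VM call */

#define CACHE_SLOTS 16
#define MAX_BLOCK   32

struct tblock { int valid; uint32_t guest_pc; size_t len; uint8_t code[MAX_BLOCK]; };
static struct tblock cache[CACHE_SLOTS];
static unsigned scans;                    /* blocks actually inspected */

/* 0xE0 and above is sensitive, including an OP_VMCALL byte the guest supplies. */
static int is_sensitive(uint8_t op) { return op >= 0xE0; }
static int ends_block(uint8_t op)   { return op == OP_JMP || op == OP_RET; }

/* Return the translated copy of the basic block that starts at guest_pc. */
const struct tblock *translate(const uint8_t *mem, size_t mem_len, uint32_t guest_pc) {
    struct tblock *b = &cache[guest_pc % CACHE_SLOTS];
    if (b->valid && b->guest_pc == guest_pc)
        return b;                         /* cached: run without rescanning */
    b->len = 0;
    for (size_t pc = guest_pc; pc < mem_len && b->len + 2 <= MAX_BLOCK; pc++) {
        uint8_t op = mem[pc];
        if (is_sensitive(op))
            b->code[b->len++] = OP_VMCALL; /* VM call, original opcode as operand */
        b->code[b->len++] = op;
        if (ends_block(op))
            break;                        /* a branch closes the basic block */
    }
    b->guest_pc = guest_pc;
    b->valid = 1;
    scans++;
    return b;
}

unsigned scan_count(void) { return scans; }

int main(void) {
    static const uint8_t guest[] = { OP_LOAD, OP_OUT, OP_ADD, OP_JMP };
    return translate(guest, sizeof guest, 0)->len == 5 ? 0 : 1;
}
```

Treating a guest-supplied VM-call byte as sensitive means the hypervisor sees it as an operand it can refuse, so the guest cannot forge a call that the translator did not emit.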
Type 2 Hypervisor
[Diagram: Applications over OS 1, OS 2 and OS 3, on a Virtualization Platform; the Virtualization Platform and other Applications on a Base Operating System; Hardware at the bottom.]
Paravirtualization
• Modify Guest OS so that all calls to
sensitive instructions are changed to
hypervisor calls.
• Much easier (and more efficient) to modify
source code than to emulate hardware
instructions (as in binary translation).
• In effect, turns the hypervisor into a
microkernel.
Paravirtualization (1)
Figure 8-27. A hypervisor supporting both true
virtualization and paravirtualization.
Problems with Paravirtualization
• Paravirtualized systems won’t run on
native hardware
• There are many different paravirtualization
systems that use different commands, etc.
– VMware, Xen, etc.
• Proposed solution:
– Modify the OS kernel so that it calls a special
set of procedures to execute sensitive
instructions (Virtual Machine Interface)
• Bare metal – link to library that implements code
• On VM – link to VM specific library
Paravirtualization (2)
Figure 8-28. VMI Linux running on (a) the bare
hardware (b) VMware (c) Xen.
Products (partial List)
• Microsoft – Virtual PC, Hyper-V
• QEMU – Processor Emulation & VM
• Sun Microsystems – xVM, VirtualBox
• VMware – ESX Server, Workstation, Fusion, Player, Server
• Xen – Xen
• VirtualIron
Memory Virtualization
• OS tracks mapping of virtual memory
pages to physical memory pages.
• Builds page tables, then updates paging
register (trap).
• Allow hypervisor to manage page
mapping, and use shadow page tables for
the VMs
Memory Virtualization
• Changes to page tables do NOT trap!
– One solution: Mark shadow page tables as
read only. Then when VM tries to write to
table, page fault traps to hypervisor.
– Paravirtualized OS: Since OS has been
modified to account for hypervisor, page table
updates can be followed by call to hypervisor
about changes.
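
An added example in C, not from the original slides, of the two update paths above: a write to a write-protected page table faults into the hypervisor, while a paravirtualized guest reports its changes through a hypervisor call, and both end in the same shadow-table update. The table sizes, frame numbers, function names and the check that a guest frame belongs to the VM are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define GUEST_PAGES 8            /* guest-virtual pages in this toy address space */
#define VM_FRAMES   4            /* guest-physical frames this VM owns */
#define NOT_PRESENT UINT32_MAX

/* Host frames backing the VM's guest-physical frames (constructed values). */
static const uint32_t host_frame_of[VM_FRAMES] = { 40, 41, 57, 58 };
static uint32_t guest_pt[GUEST_PAGES];   /* guest's view: page -> guest frame */
static uint32_t shadow_pt[GUEST_PAGES];  /* MMU's view:   page -> host frame  */
static unsigned write_traps;

void vm_reset(void) {
    for (size_t i = 0; i < GUEST_PAGES; i++)
        guest_pt[i] = shadow_pt[i] = NOT_PRESENT;
    write_traps = 0;
}

/* Validate one mapping and mirror it into the shadow table. */
static int sync_entry(size_t vpage, uint32_t gframe) {
    if (vpage >= GUEST_PAGES || (gframe != NOT_PRESENT && gframe >= VM_FRAMES))
        return -1;               /* page or frame outside this VM: refuse */
    guest_pt[vpage]  = gframe;
    shadow_pt[vpage] = (gframe == NOT_PRESENT) ? NOT_PRESENT : host_frame_of[gframe];
    return 0;
}

/* Unmodified guest: its store to the page table faulted, so emulate it. */
int on_pt_write_fault(size_t vpage, uint32_t gframe) {
    write_traps++;
    return sync_entry(vpage, gframe);
}

/* Paravirtualized guest: one hypervisor call reports a batch of updates.
   Returns how many were accepted. */
size_t hypercall_pt_update(const size_t *vpages, const uint32_t *gframes, size_t n) {
    size_t applied = 0;
    for (size_t i = 0; i < n; i++)
        if (sync_entry(vpages[i], gframes[i]) == 0)
            applied++;
    return applied;
}

uint32_t shadow_lookup(size_t vpage) {
    return vpage < GUEST_PAGES ? shadow_pt[vpage] : NOT_PRESENT;
}
unsigned trap_count(void) { return write_traps; }

int main(void) { vm_reset(); return on_pt_write_fault(0, 2) == 0 ? 0 : 1; }
```

The trap path costs one fault per page-table write, while the paravirtualized path applies a whole batch in one call and never touches the trap counter.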
I/O Virtualization
• Each guest OS holds its own “partition”.
– Typically implemented as a file or region on
disk
– Hypervisor must convert guest OS address
(block #) into physical address in region
– May convert between storage types.
– Must deal with DMA requests
VM on Multi-core CPUs
• Each core can be configured for multiple
virtual machines.
– A Quad-core CPU could be configured as a
32 node multi-computer
– Limiting factor is often memory. Each guest
OS has its own requirements (512 MB?)
Installing a Virtual machine
• Will first install VirtualBox as hypervisor
• Base OS is Windows 7
• Guest OS will be Ubuntu 12.04.1
Installing VirtualBox
Installing Ubuntu VM
Summary
• Virtualization provides a way to
consolidate OS installations onto fewer
hardware platforms
• 3 basic approaches
– type 1 hypervisor
– type 2 hypervisor
– Paravirtualization
• Must also account for virtual access to
shared resources (memory, I/O)
References
• Virtual Machine Interface
– http://vmi.ncsa.uiuc.edu/
• VirtualBox
– https://www.virtualbox.org
• Xen Hypervisor (Red Hat Linux)
– http://www.xen.org/
• Virtual PC 2007
– http://www.microsoft.com
Questions
• In terms of resource allocation, does a type 1
hypervisor leave more or less space for guest
OSs than a type 2 hypervisor? Why?
• In terms of access to a guest OS, what is the
difference between a bridged interface and a
NAT interface?
• What changes are needed to convert a guest
OS into a paravirtualized OS?
• Why has virtualization not been available on
PCs until recently (2005)?