Exploring Linux kernel virtual machines -- learning the KVM architecture and its advantages (1)

Linux has both good flexibility and excellent virtualization. But recently, with the emergence of kernel Virtual Machine KVM), the prospect of Linux Virtualization has changed. KVM is the first virtualization solution that forms part of mainstream Linux kernel V2.6.20. KVM supports Virtualization of Linux customers' operating systems-or even Virtualization of their hardware on Virtualization-sensitive Windows systems. Understand the Linux KVM architecture and understand why its close integration with the kernel has changed the way you use Linux.

Introduction

The concept of Virtualization has long existed. Simply put, virtualization is the process of using certain programs and making them look similar to other programs. Applying this concept to computer systems allows different users to see different single systems. For example, a computer can run both Linux and Microsoft Windows ). This is usually called full virtualization ).

Virtualization can also use more complex formats. A single computer may have multiple architectures. For one user, it is a standard x86 platform. For another user, it is an IBM Power PC platform ). This virtualization form is often called hardware simulation.

Finally, a simpler type of virtualization is operating system virtualization. One computer can run multiple operating systems of the same type. This virtualization can isolate multiple servers in one operating system, which means that all operating systems of the same type and version must be used ).

Virtualization and quasi-virtualization para-virtualization)

The two most common virtualization methods are full virtualization and quasi-virtualization. With full virtualization, there is a layer between the virtualized operating system and the hardware to determine access. This layer is called the system hypervisor or Virtual Machine monitor VMM ). Quasi-virtualization is similar to this, but system management programs operate in a more collaborative manner. This is because every customer's operating system understands that he is running in virtualization mode. Therefore, every system works with the system management program to achieve virtualization of underlying hardware.

Examples of full virtualization include commercial virtualization solutions VMware and the IBM System z9 Virtual Machinez/VM on commercial IBM zSeries computers. Quasi-virtualization examples include Xen and User-Mode-Linux (UML ). KVM is also considered a full virtualization solution, but we will discuss this issue later.

How virtualization works

First, we will briefly introduce the virtualization technology and its elements. The bottom of the virtualization solution is the machine for virtualization. This machine may directly support virtualization, or it may not directly support virtualization. Therefore, you need to support the system management program layer. System management programs, or VMM, can be seen as abstraction of platform hardware and operating systems. In some cases, this system administrator is an operating system. In this case, it is called a host operating system, as shown in figure 1.

Figure 1. Layered abstraction of Virtualization

On top of the system management program is the client operating system, also known as the Virtual Machine VM ). These VMS are isolated from each other, and the underlying hardware platform is regarded as its own. But in fact, it is the illusion that system management programs create for them.

Currently, the problem with virtualization solutions is that not all hardware can support virtualization well. Older x86 processors produce different results for specific commands Based on the execution scope. This creates a problem because the system administrator program can only be executed within one of the most protected ranges. For this reason, virtualization solutions such as VMWare scan the code to be executed in advance to replace these commands with some trap commands trap instruction ), in this way, the system administrator can process them correctly. Xen supports a collaborative virtualization method that does not need to be modified because the client knows that it is virtualizing and has been modified. KVM simply ignores this issue. If you want to virtualize it, you must run it on the updated hardware.

At the beginning, I thought this was inconvenient, but considering that newer machines currently listed can support virtualization such as Intel VT and AMD SVM, it would not take long, this will become a standard method, rather than a few exceptions.

KVM System Management Program

Considering that the development of virtualization technology is not long, KVM is actually a relatively new technology. Currently, multiple open-source technologies are available, such as Xen, Bochs, UML, Linux-VServer, and coLinux. However, KVM is widely used. In addition, KVM is no longer just a full virtualization solution, but will become part of a larger solution.

KVM is used to convert the Linux kernel into a system administrator by simply loading the kernel module. This kernel module exports a device named/dev/kvm, which can enable the kernel customer mode in addition to the traditional kernel mode and user mode ). With the/dev/kvm device, the VM makes its address space independent from the address space of the kernel or any other VM running. Devices in the Device Tree/dev) are common to all user space processes. But each process that opens/dev/kvm sees a different ing to support isolation between VMS ).

KVM then converts the Linux kernel into a system administrator when installing the kvm kernel module ). Because the standard Linux kernel is a system management program, it will benefit a lot from the modifications to the standard kernel memory support, scheduling programs, etc ). Optimizing these Linux components, for example, the new O (1) scheduler in the kernel of version 2.6, can benefit both the system administrator host operating system and the Linux client operating system. But KVM is not the first program to do this. UML has long ago converted the Linux kernel into a system management program. Using the kernel as a system management program, you can start other operating systems, such as another Linux kernel or Windows system.

KVM

After KVM is installed, you can start the customer's operating system in the user space. Each customer's operating system is a single process of the host operating system or system management program. Figure 2 provides a view of KVM virtualization. The bottom is the ability to virtualize the hardware platform currently refers to the Intel VT or AMD-SVM processor ). On bare hardware, the system administrator program runs the Linux kernel with the KVM module ). This system administrator program is similar to a common Linux kernel that can run other applications. However, this kernel also supports the client operating system loaded using the kvm tool. Finally, the customer's operating system can support the same applications supported by the host operating system.

Figure 2. Use KVM virtualization Components

Remember that KVM is only part of the virtualization solution. The processor directly provides virtualization support for multiple operating system virtualization processors ). Memory can be virtualized through kvm, which will be discussed in the next section ). Finally, I/O performs virtualization by executing a copy of each client's operating system process through a slightly modified QEMU process.

KVM introduces a new process mode in addition to the existing kernel and user mode to Linux. This new mode is called the customer mode. As its name suggests, it is used to execute at least a part of the client's operating system code ). Recall that the kernel mode indicates the privileged mode of code execution, while the user mode indicates that the non-privileged mode is used for programs running outside the kernel ). Based on the running content and purpose, the execution mode can be defined for different purposes. The customer mode is used to execute the user's operating system code, but only for non-I/O Code. There are two standard modes in the customer mode. Therefore, the customer's operating system can support standard kernels in the customer mode, in user mode, you can run your own kernel and user space applications. The user mode of the guest operating system can be used to perform I/O operations, which are managed separately.

The execution of I/O functions on the customer's operating system is provided by QEMU. QEMU is a platform virtualization solution that allows you to virtualize a complete PC environment, including disks, graphical adapters, and network devices ). Any I/O requests generated by the customer's operating system will be intercepted midway through and re-sent to the user mode simulated by the QEMU process.

KVM provides memory virtualization through/dev/kvm devices. Each customer's operating system has its own address space, which is mapped when the customer's operating system is instantiated. The physical memory mapped to the customer's operating system is actually the virtual memory mapped to the process. The system maintains a set of shadow page tables to convert customers' physical addresses to host addresses ). The processor can also use the System Manager Host kernel to access unmapped memory locations) to support memory conversion processes.