Linux Kernel Virtual Machine-learning KVM architecture and its advantages

Introduction 

The concept of Virtualization has long existed. Simply put, virtualization is the process of using certain programs and making them look similar to other programs. Applying this concept to a computer system allows different users to see different individual systems (for example, a computer can run both Linux and Microsoft? Windows ?). This is usually called full virtualization ).

In this article, we use KVM to reference kernel virtual machines and KVM to reference system management programs (to start a new virtual machine ).

Virtualization can also use a more complex format, where a single computer looks to have multiple architectures (for one user, it is a standard X86 platform; for another user, is it an IBM Power PC? Platform ). This virtualization form is often called hardware simulation.

Finally, a simpler type of virtualization is operating system virtualization. One computer can run multiple operating systems of the same type. This virtualization can isolate multiple servers in one operating system (which means all operating systems of the same type and version must be used ). For more information about the virtualization method, see references.

Para-Virtualization)

The two most common virtualization methods are full virtualization and quasi-virtualization. With full virtualization, there is a layer between the virtualized operating system and the hardware to determine access. This layer is called a system manager or Virtual Machine monitor (vmm ). Quasi-virtualization is similar to this, but system management programs operate in a more collaborative manner. This is because every customer's operating system understands that he is running in virtualization mode. Therefore, every system works with the system management program to achieve virtualization of underlying hardware.

Examples of full virtualization include commercial virtualization solutions VMware and commercial IBM zseries? The IBM System Z9 Virtual Machine (z/Vm) operating system used on the computer. Quasi-virtualization examples include xen and user-mode-Linux (UML ). KVM is also considered a full virtualization solution, but we will discuss this issue later.

How virtualization works 

First, we will briefly introduce the virtualization technology and its elements. The bottom of the virtualization solution is the machine for virtualization. This machine may directly support virtualization, or it may not directly support virtualization. Therefore, the support at the system management program layer is required. System management programs, or vmm, can be seen as abstraction of platform hardware and operating systems. In some cases, this system administrator is an operating system. In this case, it is called a host operating system, as shown in figure 1.

Figure 1. Layered abstraction of Virtualization
 
Layered abstraction of Virtualization

The system hypervisor is a client operating system, also known as a virtual machine (VM ). These VMS are isolated from each other, and the underlying hardware platform is regarded as its own. But in fact, it is the illusion that system management programs create for them.

Virtualization support for processors

Because the advantages of platform virtualization are very useful, the processor supplier has modified its own chip to directly support this method. In this way, the processor can directly support system management programs different from the client operating system. For vmm and Vm, in addition to the management of the processor status (registers, etc.), the processor also supports I/O and interrupt virtualization. For more information, see references.

Currently, the problem with virtualization solutions is that not all hardware can support virtualization well. Older x86 processors produce different results for specific commands Based on the execution scope. This creates a problem because the system administrator program can only be executed within one of the most protected ranges. For this reason, virtualization solutions such as VMware scan the code to be executed in advance to replace these commands with some trap commands ), in this way, the system administrator can process them correctly. Xen supports a collaborative virtualization method that does not need to be modified because the client knows that it is virtualizing and has been modified. KVM simply ignores this issue. If you want to virtualize it, you must run it on the updated hardware.

At the beginning, I thought this was inconvenient, but considering that more new machines currently listed can support Virtualization (such as Intel? VT and amd svm). It will not take long, and this will become a standard method rather than a few exceptions. For more information about the processors that support virtualization, see references and sidebar processor support for virtualization.

KVM System Management Program 

Considering that the development of virtualization technology is not long, KVM is actually a relatively new technology. Currently, multiple open-source technologies are available, such as xen, bochs, UML, Linux-vserver, and colinux. However, KVM is widely used. In addition, KVM is no longer just a full virtualization solution, but will become part of a larger solution.

KVM is used to convert the Linux kernel into a system administrator by simply loading the kernel module. This kernel module exports a device named/dev/KVM, which can enable the kernel customer mode (except the traditional kernel mode and user mode ). With the/dev/KVM device, the VM makes its address space independent from the address space of the kernel or any other VM running. Devices in the Device Tree (/Dev) are common to all user space processes. However, each process that opens/dev/KVM sees different mappings (to support isolation between VMS ).

KVM source code in Linux Kernel 

You can find the KVM source code in./Linux/Drivers/KVM (v2.6.20 and later versions. This directory contains the KVM source files and support files for intel and AMD extended processors.

KVM then converts the Linux kernel into a System Management Program (when the KVM kernel module is installed ). Because the standard Linux kernel is a system management program, it will benefit a lot from the modifications to the standard kernel (memory support, scheduling program, etc ). Optimizing these Linux components (such as the new O (1) scheduler in the 2.6 kernel) can benefit both the System Management Program (host operating system) and the Linux client operating system. But KVM is not the first program to do this. UML has long ago converted the Linux kernel into a system management program. Using the kernel as a system management program, you can start other operating systems, such as another Linux kernel or Windows system.

KVM 

After KVM is installed, you can start the customer's operating system in the user space. Each customer's operating system is a single process of the host operating system (or System Management Program. Figure 2 provides a view of KVM virtualization. The bottom is a hardware platform capable of Virtualization (currently referred to as an Intel VT or AMD-SVM processor ). On bare hardware, a System Management Program (Linux kernel with KVM module) is run ). This system administrator program is similar to a common Linux kernel that can run other applications. However, this kernel also supports the client operating system loaded using the KVM tool. Finally, the customer's operating system can support the same applications supported by the host operating system.
Figure 2. Use KVM virtualization Components
 
Use KVM virtualization Components

Remember that KVM is only part of the virtualization solution. The processor directly provides virtualization support (which can be multiple operating system virtualization processors ). Memory can be virtualized through KVM (This will be discussed in the next section ). Finally, I/O is virtualized through a slightly modified qemu process that executes a copy of each client's operating system process.

KVM introduces a new process mode in addition to the existing kernel and user mode to Linux. This new mode is called the customer mode. As its name suggests, it is used to execute the customer's operating system code (at least part of the Code ). Recall that the kernel mode represents the privileged mode of code execution, while the user mode represents the non-privileged mode (used for programs running outside the kernel ). Based on the running content and purpose, the execution mode can be defined for different purposes. The customer mode is used to execute the user's operating system code, but only for non-I/O Code. There are two standard modes in the customer mode. Therefore, the customer's operating system can support standard kernels in the customer mode, in user mode, you can run your own kernel and user space applications. The user mode of the customer's operating system can be used to perform I/O operations, which are managed separately.

The execution of I/O functions on the customer's operating system is provided by qemu. Qemu is a platform virtualization solution that allows you to virtualize a complete PC environment (including disks, graphic adapters, and network devices ). Any I/O requests generated by the customer's operating system will be intercepted midway through and re-sent to the user mode simulated by the qemu process.

KVM provides memory virtualization through/dev/KVM devices. Each customer's operating system has its own address space, which is mapped when the customer's operating system is instantiated. The physical memory mapped to the customer's operating system is actually the virtual memory mapped to the process. To support the conversion from a customer's physical address to a host's physical address, the system maintains a set of shadow page tables ). The processor can also use the System Management Program (host kernel) to support the memory conversion process when accessing unmapped memory locations.

Operating System of new customers by instance 

The new customer's operating system is instantiated by a tool named KVM. This tool can work with the KVM module to use/dev/KVM to load the customer's operating system and associate it with a virtual disk (a common file in the host operating system, then start the customer's operating system.

A set of IOCTLs executed on/dev/KVM devices can provide control support. When this special file is opened for the first time, a new VM object is created, which is associated with a virtual CPU. You can then use several IOCTLs to create a virtual CPU, check the KVM version, create a memory area, and then start a virtual CPU. You can use the KVM command to implement this function. In the following sections, we will introduce the KVM command and provide several supported IOCTLs examples.

Use KVM 

If the hardware supports it, it is actually very simple to use KVM. You need a processor that supports virtualization. Check/proc/cpuinfo to see if the system supports virtualization. This file specifies whether vmx (Intel) or SVM (AMD) extensions are supported.

Next, you need a Linux kernel with KVM enabled. You can complete this configuration in Kernel configuration under device drivers> virtualization. You must also enable environment support for the processor. In addition, you must have KVM and qemu user space applications. For more information, see references.

With the boot kernel enabled With virtualization support, the next step is to create a disk image for the customer's operating system. You can use qeumu-IMG to complete this operation, as shown below. Note that the size of this image is 4 GB, but when the qemu copy-on-write format (qcow) is used, the entire file will increase as needed, instead of occupying the 4 GB space completely.

$ Qemu-IMG create-F qcow vm-disk.img 4G

After creating a virtual disk, you can load the customer's operating system to it. The following example assumes that the customer's operating system is on the CD-ROM. In addition to filling the virtual disk with a CD-ROM ISO image, you must start the image at the end.

$ KVM-no-ACPI-M 384-CDROM guestos. iso-hda vm-disk.img-boot d

Ari kivity has compiled a set of test tools to test KVM without the need for all device models. The following code snippet (from the kvm-12/user/Main. c) looks at the startup of the VM at a higher level (see Listing 1 ). The control feature is provided by IOCTLs in the kernel (specifically, in the./linux-2.6.20/Drivers/KVM/kvm_main.c file ).

When calling kvm_init, the/dev/KVM device is enabled, the version number is checked (exported by the KVM kernel module), a KVM context object is allocated, and some callback functions are filled in. The kvm_create function will create and map two memory areas, and then use IOCTL (kvm_create_vcpu) to create a virtual CPU (vcpu ).

The load_file function then loads the image to the address space of the specified Vm, and then calls kvm_run to execute the VM (using IOCTL kvm_run ). Although this process is simple, it explains how to use KVM instances to create new customer operating systems.

List 1. Application piece for testing KVM System Management Programs

Int main () <br/>{< br/> void * vm_mem; <br/> KVM = kvm_init (& test_callbacks, 0); <br/> If (! KVM) {<br/> fprintf (stderr, "kvm_init failed/N"); <br/> return 1; <br/>}< br/> If (kvm_create (KVM, 128*1024*1024, & vm_mem) <0) {<br/> kvm_finalize (KVM ); <br/> fprintf (stderr, "kvm_create failed/N"); <br/> return 1; <br/>}< br/> If (AC> 1) <br/> If (strcmp (av [1], "-32 ")! = 0) <br/> load_file (vm_mem + 0xf0000, AV [1]); <br/> else <br/> enter_32 (KVM ); <br/> If (AC> 2) <br/> load_file (vm_mem + 0x100000, AV [2]); <br/> kvm_show_regs (KVM, 0 ); <br/> kvm_run (KVM, 0); <br/> return 0; <br/>}

Conclusion 

KVM is an interesting solution to solve the virtualization problem, but it is hard to imagine that it will soon be used for server virtualization because it is the first virtualization solution to enter the kernel. There are other methods that have been competing to enter the kernel (such as UML and xen), but KVM requires fewer modifications and can convert the standard kernel into a system management program, therefore, its advantages are self-evident.

Another advantage of KVM is that it is part of the kernel itself, so kernel optimization and improvement can be used. Compared with other independent system management program solutions, this method is a technology that is not outdated. Two major disadvantages of KVM are the need for a newer processor that supports virtualization and a qemu process in a user space to provide I/O virtualization. But whether it is good or bad, KVM is in the kernel, which is a huge leap for existing solutions.

References 
Learning

* For the latest news about KVM, refer to the KVM wiki, which is provided by qumranet.

* Although the appearance of KVM is very short, you can find some articles about its performance in various aspects. Two of the most interesting articles are provided by phoronix and kernelnewbies.

* Another interesting article on kernelnewbies compares virtualization methods (including KVM ).

* V2.6 the Linux scheduler is created by Ingo Molnar to implement O (1) scheduling. You can learn more about this scheduler by reading "Linux scheduler insider" (M. Tim Jones, developerworks, May September 2006.

* Colinux allows you to run Linux on Windows.

* Qemu is an open-source processor simulator. It can also provide the PC environment virtualization function for KVM.

* To download all the required KVM applications, see Debian.

About the author 

M. Tim Jones is an embedded software engineer who is the author of books such as GNU/Linux application programming, AI Application Programming, and BSD sockets programming from a multilanguage perspective. His engineering background is very extensive, from synchronizing the kernel development of the spacecraft to the embedded architecture design, to the development of network protocols. Tim is a consultant engineer at Emulex Corp. In longmont, Colorado.