Some basic knowledge of virtualization

This article introduces some of the common sense of virtualization in the following ways:
Classification and example of the level of virtualization;
A brief history of system virtualization;
VMM classification;
A typical virtualization product;
Xen.

Virtualization Hierarchy Classification and examples

Instruction-level virtualization

Bochs

Qemu

Hardware-level Virtualization

Vmware

Xen

Kvm

OS-level Virtualization

Linux-vserver

Openvz

Programming language-level virtualization

Jvm

. Netcli

Program-level Virtualization

Wine

A brief History of system virtualization (Hardware-level virtualization)

The first virtual machine in history was a system/360 model VM developed by IBM for about 1965 years. The original design was designed to extend the concept of the most advanced virtual memory to other subsystems of the computer, to build a time-sharing system, to run multiple single-user operating systems, to enable multiple users to share expensive physical computer resources.

Then, with the development of Time Division multiuser operating system, the virtualization technology is really mature in the IBM vm/370 system after 15 years. As an iconic system, many of vm/370 's principles are still being used on IBM's Z system mainframe. The vm/370 runs on the IBM system/370 mainframe and virtual out of the system/370 virtual machines that are in the same architecture. Due to the excellent design of system/370 hardware, the implementation of VM/370 provides complete and efficient support, and the virtual machine is fully realized by vm/370 as the representative VM and system virtualization technology.

VM/370 is fully virtualized (full virtualization), and his abstract virtual machine has full physical computer characteristics.

In the same era, in the IBM m44/44x system, there was a semi-virtualized (partial-virtualization)(some books para virtualization called para-virtualization, they are not a concept) , para-virtualization (partial-virtualization) provides a partial simulation of the underlying hardware to meet the execution environment of some specialized software, but not all software that may run on a physical machine.

With the development of hardware, since the late the 1990s, the performance of desktop computers has gradually reached the level of supporting multiple systems running simultaneously. In the mainframe, the quiet moment of virtualization technology, in the minicomputer and microcomputer fields began to rapidly warming up. In 1997, a disco system developed at Stanford University explored the running of a common desktop operating system on a large-scale multiprocessor system with shared memory. Based on the research experience of disco system, disco developers continue to study the virtualization technology of personal computers, and then the 1998-year-old VMware company was born.

The innate design of the x86 architecture is widely used in the field of personal computers, and there is a support flaw or virtualization vulnerability to System virtualization (Virtualization Hole). In the x86 architecture, the virtualization technology needs to use the Software method to compensate for the shortcomings of the system structure design. For example, full software-based virtualization is implemented with code scanning or patching methods (scan and patch) or binary code translation (binary translation) technology, but this inevitably leads to a loss of performance and a very large degree of software complexity.

In this case, academia presents another way of thinking about the drawbacks of the guest service architecture, called Class virtualization Technology (Para virtualization)(some books are called semi-virtualized). The main idea is that through the collaborative design of the client operating system and the virtualization management layer, the Virtualization management layer software provides a virtual platform similar to the original physical system, but not identical (with the original system), in order to avoid the virtualization of the vulnerability and achieve higher virtualization efficiency. Virtualization technology needs to modify the operating system's source code to work with the underlying virtualization management software to avoid architectural flaws.

The Denali program at the University of Washington and the Xen program at the University of Cambridge in the United States support class virtualization.

While the appeal of two software-based methods can achieve system virtualization, they each have an unavoidable problem. The software-based approach to full virtualization inevitably leads to degraded performance, along with some loss of compatibility (where compatibility is referred to). ), and the methods of modifying the operating system are required for porting of existing systems and maintenance of kernel upgrades, as well as limitations for non-open-source operating systems.

The best way to solve the system structural flaws is to start with the architecture itself. Intel and AMD have progressively introduced processors with hardware virtualization support 2006 years later, fundamentally ensuring that the x86 architecture is a virtualized architecture. The VMM software can take advantage of these hardware virtualization technologies to enable full hardware-based virtualization so that the operating system does not need to make any modifications to run on the virtual machine.

In addition to the x86 processor architecture with hardware virtualization support, IBM Power 2001, Sun SPARC 2005 also added virtualization support to the processor. However, both IBM and Sun have adopted a hardware-based class virtualization strategy, in addition to the hardware to add support for virtualization, but also in the firmware layer to join the corresponding class virtualization VMM layer, the upper layer of the operating system needs to be modified according to the VMM layer interface. Provides comprehensive, collaborative support for virtualization from the processor to the firmware layer to the operating system layer.

Most of today's servers and desktop processors already have support for virtualization, but only to solve the problem of how the processor layer can better support virtualization, in order to make the virtualization solution more efficient, the computer system at all levels are gradually adding to the hardware support for virtualization, Evolve a virtualized ecosystem that is better supported for virtualization. For example, Intel, in addition to the VT technology in the processor, began to provide vt-d technology for I/O virtualization capabilities in the chip, and the NIC also began to provide better network virtualization support for multi-queue VMDQ technology. At the same time, the PCI Standards organization is actively specifying the PCI bridge Iov and PCI bridge IOV standards that support virtualization at the level of the device.

Since the the 1990s's development, virtualization software has made considerable progress. A lot of virtual machine software emerges in addition to, such as KVM, VirtualBox, Microsoft Virtual PC, Hyper-V, Sun xVM, Oracle VMs.

VMM Classification (Hardware-level virtualization)

Classification by Virtual Platform

Depending on the type of virtual platform that VMM is based on, you can divide VMM into two categories:

The first type of VMM virtual is a real-world platform, and in the client operating system it appears that the virtual platform is the same as the real platform, and the client operating system is unaware that it is running on a virtual platform. Such a virtual platform can run an existing operating system without any modifications to the operating system, so this approach is called full Virtualization (Virtualization). Full virtualization has software-assisted full virtualization and hardware-assisted full virtualization .

The second type of VMM virtual platform is not present in reality, but is redefined by VMM, which requires more or less modification of the running client operating system to fit the virtual environment, so the client operating system knows that it is running on a virtual platform and is actively adapting. This approach is known as class virtualization (para virtualization). In addition, a VMM can provide both a fully virtualized virtual platform and a virtual platform for class virtualization.

Implementing fabric classifications by VMM

Hypervisor model

In the hypervisor model, VMM can be seen as a complete operating system, but unlike traditional operating systems, VMM is designed for virtualization and has virtualization capabilities.

In the hypervisor model, VMM has both the management and virtualization capabilities of the physical resources, so the virtualization of the physical resources is more efficient and he does not depend on other operating systems, and the security of the virtual machine is only relevant to VMM, unlike the hosted VMM, The security of a virtual machine is related to VMM and the operating system.

Also due to the hypervisor model, where VMM has full physical resources, physical resources need to be managed, including device drivers, and these development workloads are significant.

Host model

The physical resources are managed by the host operating system and the host operating system is traditional, and VMM obtains resources to provide virtualization services by invoking the services of the host operating system. After VMM creates a virtual machine, it typically participates in scheduling the virtual machine as a process for the host operating system.

The biggest advantage of the host model is that it can take advantage of the device drivers of an existing operating system, and VMM does not need to re-implement drivers for various I/O devices, and can focus on the virtualization of physical resources. The host model can also take advantage of host operating system scheduling, power management lights, and other functions.

The efficiency and functionality of VMM virtualization is affected by the fact that virtualization support is not being considered at the beginning of the design and development of the host operating system. In addition, the security of the virtual machine depends on the security of the VMM and host operating systems.

Hybrid model

The hybrid model is the confluence of the above two patterns, and VMM is still at the bottom, and is used for all physical resources. However, unlike the hypervisor model, VMM does not control most I/O devices, and there is a privileged operating system running in a privileged virtual machine that controls most of the hardware and shares some of the responsibilities of VMM. Virtualization of processors and memory is done by VMM, and I/O virtualization is done together by VMM and the privileged operating system.

A typical virtualization product

VMware ESX Server 3

Based on the hypervisor model , it runs directly on the physical hardware without the operating system, and is a product for enterprise-class applications. Both full virtualization and class virtualization are supported, and hardware virtualization technology is beginning to be used in the new version.

VMware Server

host model for service-side entry-level products, the host operating system can be Windows or Linux. With the hosting model, VMware Server supports more hardware than ESX server, and VMware Server is free.

VMware Workstation

It is also the host model and the VMware desktop-facing product. The host operating system can be either Windows or Linux. VMware Workstation supports full virtualization. Unlike VMware Server, VMware Workstation is specifically optimized for desktop applications.

VMware Fusion

Hosting Model , similar to VMware Workstation, VMware Workstation runs on Windows and Linux, and VMware Fusion runs on Mac OS X based on the Intel Mac hardware platform.

Virtual PC

Miscrosoft Desktop-oriented virtualization product, host model , host operating system is windows, early adoption of software virtualization, based on binary translation technology. Hardware virtualization technology is already supported in the new version.

Virtual Server

Miscrosoft is a server-oriented, entry-level virtualization product that is also a host model , and the host operating system can be Windows XP and Windows Server 2003. Hardware virtualization technology is also beginning to be supported in the new version.

Windows Server 2008

2008 is the next-generation server operating system introduced by Miscrosoft, one of the key new features is virtualization. The virtualization architecture of Server 2008 employs a hybrid model , one of the most important parts of Hyper-V as the hypervisor running in the lowest level, and server 2008 itself running as a privileged operating system above hyper-V. Server 2008 uses hardware virtualization technology and must be run on a processor that supports Intel VT Technology or AMD-V technology. The Server2008 virtualization feature is pure 64-bit and runs only in the server 2008 64-bit version. The guest operating system supports 32-bit and 64-bit, multi-processor-capable client operating systems, and so on.

Xen

From a technical standpoint, Xen is based on a hybrid model . Privileged operating systems (DOMAIN0) can be Linux, Sorlaris, and NetBSD. Xen 1.0 2.0 implements class virtualization and 3.0 supports full virtualization of hardware-based technologies.

Kvm

KVM uses a hardware virtualization approach based on the Intel VT technology. From an architectural perspective, KVM is considered to be the host model and Linux is the host operating system. But as more and more virtualization features are added to Linux, some people think that Linux is already a Hypervisor, so KVM is the Hypervisor model . KVM and the Linux kernel combine very well, but KVM is still in the development phase.

Xen

Xen is a virtualization platform that has evolved into an important open source project in an academic research effort.

The uniqueness of Xen is that when it is first released, it uses a semi-virtualized (para virtualization) to run a regular operating system like Linux. Semi-virtualized needs to modify the operating system running on Xen, both to improve performance and to simplify the Xen itself.

In general, the operating system kernel is the most privileged software running on a computer, but in the case of virtualization, the hypervisor is the most privileged and the operating system kernel runs under relatively low permissions. If the operating system now attempts to execute some privileged instructions, then they will fail and the way of failure is critical. If they cause an error that the hypervisor will catch, the hypervisor can properly emulate this instruction and continue to control the virtual machine. Then there are some instructions on x86 that silently fail without triggering the hypervisor. This is bad news for virtualization because it prevents the operating system from working properly on the virtual machine. Popular technology (at least before Xen) is to scan operating system code at run time, look for specific instructions and replace them with code that calls the hypervisor directly (what technology?). How to do it? ）。 While this is ideal for compatibility, there is a significant overhead in performance.

When you publish Xen, it shows that performance can be significantly improved by abandoning the ideal compatibility.

The idea of para-virtualization is to remove all the features that are difficult to virtualize in a schema (such as x86) or if virtualization is expensive, and to replace them with semi-virtualized operations for direct communication in the virtualization layer.

The semi-virtualization of an operating system is to rewrite all code that is incompatible with the semi-virtualized schema. For the Linux kernel, Xen only modifies or adds 2995 lines of code to enable it to run on Xen.

Xen is an example of native virtualization . Another way is to run a hypervisor on the host operating system. In this case, each virtual machine actually becomes a process for the host operating system. Hosted hypervisor is typically used in virtualized products for workstations, such as VMware. The main advantage of this approach is that installing a hosted hypervisor is as simple as installing a new application, whereas installing a native hypervisor (such as Xen) is like installing a new operating system. Therefore, hosted virtualization is more suitable for non-professional users.

On the other hand, the advantage of native system management programs is that it can achieve better performance. Host-type virtual machines are more easily used for desktop virtualization.
The Xen3.0 release begins to support full virtualization based on Intel VT and AMD v hardware technology.

Original link: http://itblogs.ga/blog/20141217203759/

Some basic knowledge of virtualization