Virtualization is implemented in two ways: pure software virtualization and hardware-assisted virtualization. Hardware-assisted virtualization is the more efficient and reliable of the two.
Technically, hardware-assisted virtualization enhances the performance, flexibility, and reliability of virtualization by improving the isolation of the guest virtual systems. It is also simpler to implement.
Virtualization technology was first adopted on large mainframes. As the technology developed and competition intensified, IBM, HP and Sun later moved it down-market and gradually introduced it into high-end RISC server systems.
As X86 processor performance improved and X86 applications became widespread, many companies in the industry saw the value of virtualization on the X86 platform, and software vendors such as VMware, Xen, Microsoft and SWsoft introduced virtualization software for it.
The basic idea of these software virtualization products is to insert a software layer, either between the operating system and the hardware or on top of the operating system, that controls and allocates hardware resources in order to virtualize system resources.
However, the implementation patterns of different virtualization products differ considerably. VMware and Xen products are representative of the approach that provides virtualization through a software layer between the underlying hardware and the operating systems, while SWsoft's products "virtualize" multiple copies of system resources on top of a specific operating system (SWsoft has versions that support Windows and Linux). The SWsoft approach has the advantage of not modifying the system software and having less impact on system performance, but because its level of virtualization is not as "low", it is less flexible; VMware's products, for example, can virtualize a Windows application environment on top of a Linux system.
On X86 processors, protected mode has 4 different privilege levels, called rings, numbered from Ring 0 to Ring 3. The rings differ in priority according to the function they serve. Ring 0 is used by the operating system kernel and has the highest priority and the highest "privileges"; Ring 1 and Ring 2 are for operating system services and come next in priority; Ring 3 is for applications and has the lowest priority.
The principle of software virtualization technology
An operating system running in the ring 0 privileged space has priority access to the various hardware resources. Traditional software virtualization runs a software middle layer called the Virtual Machine Monitor (VMM) in ring 0, which is responsible for controlling and arbitrating each partition's access to hardware resources. This requires running the operating system at a higher level of the software stack, usually ring 1, or ring 3 shared with the system's applications. Because operating systems are designed to run at the ring 0 privilege level by default, and ring 0 is now owned by the Virtual Machine Monitor (VMM), traditional pure software virtualization requires the VMM to resolve this contradiction through complex software programming.
One way to do this is to modify the operating system's kernel source code so that it recognizes it is running as a guest OS in a virtual machine. Another way is to translate some of the operating system's hardware call instructions into other binary code at run time. For these reasons, traditional pure software implementations cost a great deal of time and money in testing, verifying and maintaining each new operating system and its patches, and binary code translation consumes a large share of the processor's computing resources.
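A simplified model of the contradiction described above, as an added example that is not part of the original article. It goes slightly beyond the text by showing why trapping alone is not enough on X86: some sensitive instructions, such as `popf`, do not fault outside ring 0, so the VMM never sees them unless the code is translated. The `Guest` class, the function names and the `popf_if0`/`popf_if1` pseudo-instructions are constructed for illustration; the model assumes IOPL 0 and tracks only the interrupt flag.

```python
from dataclasses import dataclass

# Simplified x86 behaviour used by this model (IOPL assumed to be 0):
#   cli/sti fault outside ring 0, so a ring-0 VMM can trap and emulate them.
#   popf outside ring 0 silently leaves the interrupt flag (IF) unchanged.
TRAPPING = {"cli": False, "sti": True}          # instruction -> IF value requested
SILENT = {"popf_if0": False, "popf_if1": True}  # sensitive, but no fault in ring 1


@dataclass
class Guest:
    virtual_if: bool = True   # interrupt flag the VMM keeps on the guest's behalf
    traps: int = 0            # faults delivered to the VMM
    vmm_calls: int = 0        # explicit VMM calls inserted by binary translation


def translate(program):
    """Binary translation: rewrite non-trapping sensitive instructions into VMM calls."""
    return [("vmm_set_if", SILENT[op]) if op in SILENT else (op, None) for op in program]


def run_in_ring1(program, use_translation):
    """Run guest kernel code deprivileged to ring 1 under a ring-0 VMM."""
    guest = Guest()
    stream = translate(program) if use_translation else [(op, None) for op in program]
    for op, arg in stream:
        if op in TRAPPING:          # hardware faults, VMM emulates on virtual state
            guest.traps += 1
            guest.virtual_if = TRAPPING[op]
        elif op == "vmm_set_if":    # translated code reaches the VMM without a fault
            guest.vmm_calls += 1
            guest.virtual_if = arg
        # Untranslated popf_*: hardware drops the IF change and the VMM never sees it.
    return guest


def expected_if(program):
    """IF value the same code would leave when run natively in ring 0."""
    flag = True
    effects = {**TRAPPING, **SILENT}
    for op in program:
        flag = effects.get(op, flag)
    return flag


# Constructed guest kernel fragment: disable interrupts, work, restore flags via popf.
KERNEL_CODE = ["cli", "nop", "popf_if1", "cli", "popf_if0", "sti", "popf_if0"]
```

Comparing `run_in_ring1(KERNEL_CODE, False).virtual_if` with `expected_if(KERNEL_CODE)` shows the guest's view of its interrupt state diverging from what the kernel intended; with translation enabled the two agree, at the cost of rewriting the code stream.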
How Intel VT technology works
The run-time overhead of pure software virtualization can slow the system down. Data indicate that it can cause a performance degradation of more than 10%, and the loss is more significant in server consolidation, where the number of virtualized systems is large. In addition, because software has to capture the processor instructions that allocate basic resources, the process is complex, reliability is not high, and compatibility problems across platforms arise easily.
This is also an important reason for the birth of hardware-assisted virtualization technology. Compared to software solutions, VT technology has made significant improvements to the ring privilege level that is assigned to the guest OS (the operating system on a virtual machine) in different situations, providing dedicated space for the Virtual Machine Monitor (VMM) in the software stack. It simplifies hardware invocation by letting unmodified operating systems and applications run in the environment they were designed for.
At the same time, VT significantly improves efficiency and reliability by supporting switches between the Virtual Machine Monitor (VMM) and the installed guest OSes through the underlying hardware instruction set.
In addition, VT technology provides a dedicated memory address space that retains processor state information for the Virtual Machine Monitor (VMM) and the installed guest OSes, which not only shortens the interval between hardware accesses for each operating system, but also strengthens the security isolation between the operating systems on each virtual machine.
(Responsible editor: The good of the Legacy)