1CSE 120CSE 120Principles of Operating Principles of Operating SystemsSystemsSystemsSystemsWinter 2007Winter 2007Lecture Lecture 16: Virtual Machine Monitors16: Virtual Machine MonitorsKeithKeithMarzulloMarzulloand Geoffrey Mand Geoffrey MVoelkerVoelkerKeith Keith MarzulloMarzulloand Geoffrey M. and Geoffrey M. VoelkerVoelkerVirtual Machine MonitorsVirtual Machine Monitorsz Virtual Machine Monitors (VMMs) are a hot topic hot topic in industry and academiaindustry and academia Industry commitment» Software: VMware, Xen, Microsoft Virtual PC» Hardware: Intel VT, AMD-V If Intel and AMD add it to their chips, you know it’s serious… Academia: lots of VMM-based projects and papersz An old idea, actually: developed by IBM in 60s and 70s© 2007 Keith Marzullo and Geoffrey M. Voelkerz Today What is it, what problems have to be solved, how to solve them Survey some virtualization systems Briefly outline cool things you can do with virtualizationMarch 7, 2007 CSE 120 – Lecture 16 – Virtual Machine Monitors 22What is a VMM?What is a VMM?z We have seen that an OS already virtualizes Syscalls, processes, virtual memory, file system, sockets, etc.Applications program to this interfacez A VMM virtualizes an entire physical machine Interface supported is the hardware» OS defines a higher-level interface VMM provides the illusion that software has full control over the hardware (of course, VMM is in control) VMM “applications” run in virtual machines (c.f., OS processes)© 2007 Keith Marzullo and Geoffrey M. Voelkerz Implications You can boot an operating system in a virtual machine Run multiple instances of an OS on same physical machine Run different OSes simultaneously on the same machine» Linux on Windows, Windows on Mac, etc.March 7, 2007 CSE 120 – Lecture 16 – Virtual Machine Monitors 3Why in Why in tarnationtarnation would you would you do such a crazy thing? do such a crazy thing? z Resource utilization Machines today are powerful, want to multiplex their hardwareyp , p» e.g., ISP hosting can divvy up a physical machine to customers Can migrate VMs from one machine to another without shutdownz Software use and development Can run multiple OSes simultaneously» No need to dual boot Can do system (e.g., OS) development at user-levelzMany other cool applications© 2007 Keith Marzullo and Geoffrey M. VoelkerzMany other cool applications Debugging, emulation, security, speculation, fault tolerance…z Common theme is manipulating applications/services at the granularity of a machine Specific version of OS, libraries, applications, etc., as packageMarch 7, 2007 CSE 120 – Lecture 16 – Virtual Machine Monitors 43VMM RequirementsVMM Requirementsz FidelityOSesand applications work the same without modificationOSesand applications work the same without modification» (although we may modify the OS a bit)z Isolation VMM protects resources and VMs from each otherz Performance VMM is another layer of software…and therefore overhead»As with OS, want to minimize this overhead© 2007 Keith Marzullo and Geoffrey M. VoelkerCSE 120 – Lecture 16 – Virtual Machine Monitors»As with OS, want to minimize this overhead VMware:» CPU-intensive apps: 2-10% overhead» I/O-intensive apps: 25-60% overheadMarch 7, 2007 5Rough VMM ModelRough VMM Modelz VMM runs with privilegeOS in VM runs at“lesser”privilege (think user-level)OS in VM runs at lesser privilege (think userlevel) VMM multiplexes resources among VMsz Want to run OS code in a VM directly on CPU Think in terms of making the OS a user-level process What OS code can run directly, what will cause problems?z Ideally, want privileged instructions to trapException vectors to VMM it emulates operation returns© 2007 Keith Marzullo and Geoffrey M. VoelkerCSE 120 – Lecture 16 – Virtual Machine MonitorsException vectors to VMM, it emulates operation, returns Nothing modified, running unprivileged is transparant Known as trap-and-emulatez Unfortunately on architectures like x86, not so easyMarch 7, 2007 64VirtualizingVirtualizing the x86the x86z Ease of virtualization influenced by the architecturex86 is perhaps the last architecture you would choosex86 is perhaps the last architecture you would choose But it’s what everyone uses, so…that’s what we deal withz Issues Unvirtualizable events» popf does not trap when it cannot modify system flags Hardware-managed TLB» VMM cannot easily interpose on a TLB miss (more in a bit)© 2007 Keith Marzullo and Geoffrey M. VoelkerCSE 120 – Lecture 16 – Virtual Machine MonitorsUntagged TLB» Have to flush on context switches (just a performance issue)z Why Intel and AMD have added virtualization supportMarch 7, 2007 7XenXenz Uses “paravirtualization” Fancy word for “we have to modify & recompile the OS”yyp Since you’re modifying the OS, make life easy for yourself Create a VMM interface to minimize porting and overheadz Xen hypervisor (VMM) implements interface VMM runs at privilege, VMs (domains) run unprivileged Trusted OS (Linux) runs in own domain (Domain0)» Use Domain0 to manage system, operate devices, etc.© 2007 Keith Marzullo and Geoffrey M. VoelkerCSE 120 – Lecture 16 – Virtual Machine Monitorsz Most recent version of Xen does not require OS mods Because of Intel/AMD hardware supportz Commercialized via XenSource, but also open sourceMarch 7, 2007 85XenXen ArchitectureArchitecture© 2007 Keith Marzullo and Geoffrey M. VoelkerCSE 120 – Lecture 16 – Virtual Machine MonitorsMarch 7, 2007 9VMwareVMwarez VMware workstation uses hosted modelVMM runs unprivileged installed on base OSVMM runs unprivileged, installed on base OS Relies upon base OS for device functionalityz VMware ESX server uses hypervisor model Similar to Xen, but no guest domain/OSz VMware uses software virtualization Dynamic binary rewriting translates code executed in VM»Rewrite privileged instructionswith emulation code (may trap)© 2007 Keith Marzullo and Geoffrey M. VoelkerCSE 120 – Lecture 16 – Virtual Machine Monitors»Rewrite privileged instructions with emulation code (may trap) CPU only executes translated code Think JIT compilation for JVM, but» full binary x86 Æ IR code Æ safe subset of x86 Incurs overhead, but can be well-tuned (small % hit)March 7, 2007 106VMware Hosted ArchitectureVMware Hosted Architecture© 2007
View Full Document
Unlocking...