CSE 120 Principles of Operating Systems Spring 2009Virtual Machine MonitorsWhat is a VMM?Why in tarnation would you do such a crazy thing? VMM RequirementsRough VMM ModelVirtualizing the x86XenXen ArchitectureVMwareVMware Hosted Architecture What needs to be virtualized?Virtualizing Privileged InstsVirtualizing the CPUVirtualizing EventsVirtualizing I/OVirtualized I/O ModelsVirtualizing MemoryXen ParavirtualizationShadow Page TablesShadow Page Tables (2)Shadow Page Tables (3)Memory AllocationHardware SupportHardware Support (2)Cool VMM Tricks @ UCSDCool VMM Tricks @ UCSDSummarySlide Number 29Next TimeOther VMM SystemsOther Cool TricksCSE 120Principles of Operating SystemsSpring 2009Lecture 16: Virtual Machine MonitorsGeoffrey M. VoelkerVirtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot topic in industry and academia Industry commitment» Software: VMware, Xen, Microsoft Virtual PC» Hardware: Intel VT, AMD-V If Intel and AMD add it to their chips, you know it’s serious… Academia: lots of VMM-based projects and papers An old idea, actually: developed by IBM in 60s and 70s Today What is it, what problems have to be solved, how to solve them Survey some virtualization systems Briefly outline cool things you can do with virtualizationJune 1, 2009 CSE 120 – Lecture 16 – Virtual Machine Monitors 2What is a VMM? We have seen that an OS already virtualizes Syscalls, processes, virtual memory, file system, sockets, etc. Applications program to this interface A VMM virtualizes an entire physical machine Interface supported is the hardware» OS defines a higher-level interface VMM provides the illusion that software has full control over the hardware (of course, VMM is in control) VMM “applications” run in virtual machines (c.f., OS processes) Implications You can boot an operating system in a virtual machine Run multiple instances of an OS on same physical machine Run different OSes simultaneously on the same machine» Linux on Windows, Windows on Mac, etc.June 1, 2009 CSE 120 – Lecture 16 – Virtual Machine Monitors 3Why in tarnation would you do such a crazy thing? Resource utilization Machines today are powerful, want to multiplex their hardware» e.g., ISP hosting can divvy up a physical machine to customers Can migrate VMs from one machine to another without shutdown Software use and development Can run multiple OSes simultaneously» No need to dual boot Can do system (e.g., OS) development at user-level Many other cool applications Debugging, emulation, security, speculation, fault tolerance… Common theme is manipulating applications/services at the granularity of a machine Specific version of OS, libraries, applications, etc., as packageJune 1, 2009 CSE 120 – Lecture 16 – Virtual Machine Monitors 4CSE 120 – Lecture 16 – Virtual Machine MonitorsVMM Requirements Fidelity OSes and applications work the same without modification» (although we may modify the OS a bit) Isolation VMM protects resources and VMs from each other Performance VMM is another layer of software…and therefore overhead» As with OS, want to minimize this overhead VMware:» CPU-intensive apps: 2-10% overhead» I/O-intensive apps: 25-60% overheadJune 1, 2009 5CSE 120 – Lecture 16 – Virtual Machine MonitorsRough VMM Model VMM runs with privilege OS in VM runs at “lesser” privilege (think user-level) VMM multiplexes resources among VMs Want to run OS code in a VM directly on CPU Think in terms of making the OS a user-level process What OS code can run directly, what will cause problems? Ideally, want privileged instructions to trap Exception vectors to VMM, it emulates operation, returns Nothing modified, running unprivileged is transparant Known as trap-and-emulate Unfortunately on architectures like x86, not so easyJune 1, 2009 6CSE 120 – Lecture 16 – Virtual Machine MonitorsVirtualizing the x86 Ease of virtualization influenced by the architecture x86 is perhaps the last architecture you would choose But it’s what everyone uses, so…that’s what we deal with Issues Unvirtualizable events» popf does not trap when it cannot modify system flags Hardware-managed TLB» VMM cannot easily interpose on a TLB miss (more in a bit) Untagged TLB» Have to flush on context switches (just a performance issue) Why Intel and AMD have added virtualization supportJune 1, 2009 7CSE 120 – Lecture 16 – Virtual Machine MonitorsXen Early versions use “paravirtualization” Fancy word for “we have to modify & recompile the OS” Since you’re modifying the OS, make life easy for yourself Create a VMM interface to minimize porting and overhead Xen hypervisor (VMM) implements interface VMM runs at privilege, VMs (domains) run unprivileged Trusted OS (Linux) runs in own domain (Domain0)» Use Domain0 to manage system, operate devices, etc. Most recent version of Xen does not require OS mods Because of Intel/AMD hardware support Commercialized via XenSource, but also open sourceJune 1, 2009 8CSE 120 – Lecture 16 – Virtual Machine MonitorsXen ArchitectureJune 1, 2009 9CSE 120 – Lecture 16 – Virtual Machine MonitorsVMware VMware workstation uses hosted model VMM runs unprivileged, installed on base OS Relies upon base OS for device functionality VMware ESX server uses hypervisor model Similar to Xen, but no guest domain/OS VMware uses software virtualization Dynamic binary rewriting translates code executed in VM» Rewrite privileged instructions with emulation code (may trap) CPU only executes translated code Think JIT compilation for JVM, but» full binary x86 IR code safe subset of x86 Incurs overhead, but can be well-tuned (small % hit)June 1, 2009 10CSE 120 – Lecture 16 – Virtual Machine MonitorsVMware Hosted ArchitectureJune 1, 2009 11CSE 120 – Lecture 16 – Virtual Machine MonitorsWhat needs to be virtualized? Exactly what you would expect CPU Events (exceptions and interrupts) Memory I/O devices Isn’t this just duplicating OS functionality in a VMM? Yes and no Approaches will be similar to what we do with OSes» Simpler in functionality, though (VMM much smaller than OS) But implements a different abstraction» Hardware interface vs. OS interfaceJune 1, 2009 12CSE 120 – Lecture 16 –
View Full Document
Unlocking...