VIRTUALIZATION TECHNOLOGY

Adam Curran

Outline

What is Virtualization? The Basic Idea Usage Models Para-virtualization vs. Binary Translation Intel’s VT-x Architecture

Why is it Cool? Applications of Virtualization

What is Virtualization?

The Basic Idea A Virtual Machine Monitor (VMM) runs on

top of a host OS VMMs have the highest level of

permission (ring 0) One or more guest OS’s may run on top

of the VMM, sharing the physical hardware.

Guest OS’s are unaware of the VMM and any other guest OS’s running on the same machine.

These “guests” are called Virtual Machines (VMs)

What is Virtualization?

What is Virtualization?

Usage Models Workload Isolation

VMs are totally encapsulated Applications are unaware of other VMs,

offering a high level of protection

What is Virtualization?

Usage Models (cont.) Workload Consolidation

Better CPU core utilization Legacy and current software on the same

physical platform.

What is Virtualization?

Usage Models (cont.) Workload Migration

Complete state of VM can be saved as a “snapshot”

Snapshot is a large binary file with no references to underlying hardware

What is Virtualization?

Para-virtualization vs. Binary Translation Para-virtualization

Involves modifying the guest OS kernel Yields high performance Only modified kernels can be virtualized

Binary Translation Binaries of OS kernel are modified rather

than kernel source Much wider range of supported OS’s. Higher performance overhead

What is Virtualization?

Full Virtualization: Intel’s VT-x architecture Captures both high performance and

support for a wide range of guest OS’s CPU operation modes: VMX root and

VMX non-root VMX root acts much like normal IA-32

without virtualization and is intended for the VMM

VMX non-root is for the guest OS Both modes support all 4 privilege rings,

eliminating the need for binary translation.

What is Virtualization?

Full Virtualization: Intel’s VT-x architecture VM entry and VM exit

Transitions between VMX root and VMX non-root

Allows for CPU control to be passed between the VMM and the guest OS when needed

Monitored and executed at specific times by the Virtual-Machine Control Structure (VMCS)

What is Virtualization?

Why is it Cool?

New applications because of easier accessibility and feasibility

Virtual Capture and Replay (VCR) VM’s snapshot capability used to

replicate exact execution environments Hard to reproduce crashes can be

replayed over and over for root-cause analysis

Hypothetical what-if scenarios

Why is it Cool?

Why is it Cool?

Unknown Malware Detection Malware is detected by recognizing

behavioral patterns by tracing system calls

Tracing software must run close to malware and can be detected

Malware application in a VM cannot detect tracing software if it is being run by the VMM, host OS, or another VM.

Why is it Cool?

Why is it Cool?

Virtualization and High-Performance Computing (HPC) Clusters made easy Better utilization of physical resources

because of workload consolidation Higher modularity and security between

customers applications because of workload isolation

Better load balancing because of workload migration

Why is it Cool?

Cloud Computing and vSaaS Software as a Service (SaaS) in Cloud

Computing Front-end : what the user sees Back-end : where the muscle work is done The Cloud : the glue holding the front and back

ends together Problems

Legacy software compatibility issues SaaS provides software as web-based

applications Even local jobs go out to the cloud first

Why is it Cool?

Why is it Cool?

Cloud Computing and vSaaS vSaaS

Dynamic software deployment Ability to launch virtualized software

before it is fully downloaded, delivering it in a streaming manner

Desktop Merging* Mobile device access 6-layer architecture

Why is it Cool?

Why is it Cool?

Merged Desktop running both Windows and Linux native applications seamlessly

Conclusion

New technology to support old technology

Intel’s VT-x architecture Makes virtualization more accessible and

much more feasible Numerous applications

Cloud Computing and vSaaS

References

BERTOLINO, A., De ANGELIS, G., SABETTA, A. VCR: Virtual Capture and Replay for Performance Testing. In Proceedings of 2008 23rd IEEE/ACM International Conference on Automated Software Engineering. IEEE Computer Society, Washington, DC, pp 399-402. 2008.

BOWER, T. Experiences With Virtualization Technology In Education. In Journal of Computing Sciences in Colleges, vol.25, no.5, pp 311-318, May 2010.

DONG, H., HAO, Q., AND ZHANG, T. Formal Discussion on Relationship between Virtualization and Cloud Computing. In Proceedings of the 2010 International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT ’10). IEEE Computer Society, Washington, DC, pp 448-453. December 2010.

GRIT, L., IRWIN, D., YUMEREFENDI, A., AND CHASE, J. Virtual Machine Hosting for Networked Clusters: Building the Foundations for “Autonomic” Orchestration. In Proceedings of the 2nd International Workshop on Virtualization Technology in Distributed Computing (VTDC ’06). IEEE Computer Society, Washington, DC, pp 7, 2006.

SEHGAL, N. K., AND GANGULI, M. Applications of Virtualization for Server Management and Security. In Proceedings of the IEEE International Conference on Industrial Technology (ICIT ’06). IEEE Computer Society, Washington, DC, pp 2752-2755. December 2006.

SHAN, Z., YU, Y., AND CHIUEH, T. Confining Windows Inter-Process Communications for OS-Level Virtual Machine. In Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems (VDTS ’09). ACM, New York, NY, pp 30-35, 2009.

SIMMONS, J. E., AND BUELL, J. Virtualizing High Performance Computing. In ACM SIGOPS Operating Systems Review, vol.44, no.4, pp 136-145, December 2010.

TSUGAWA, M., MATSUNAGA, A., AND FORTES, J. A. B. Virtualization Technologies in Transitional DG. In ’06 Proceedings of the 2006 International Conference on Digital Government Research. ACM, New York, NY, pp 456-457, 2006.

UHLIG, R., NEIGER, G., RODGERS, D., SANTONI, A. L., MARTINS, F. C.M., ANDERSON, A. V., BENNET, S. M., KÄGI, A., LEUNG, F. H., AND SMITH, L. Intel Virtualization Technology. Computer, vol.38, no.5, pp 48-56, May 2005.

ZHAO, H., ZHENG, N., LI, J., YAO, J., AND HOU, Q. Unknown Malware Detection Based on the Full Virtualization and SVM. In Proceedings of the International Conference on Management of e-Commerce and e-Government (ICMECG ’09). IEEE Computer Society, Washington, DC, pp 473-476. September 2009.

ZHONG, L., WO, T., LI, J., AND LI, B. A Virtualization-based SaaS Enabling Architecture for Cloud Computing. In Proceedings of the 2010 Sixth International Conference on Autonomic and Autonomous Systems (ICAS ’10). IEEE Computer Society, Washington, DC, pp 144-149. March 2010.