UNIT II-VIRTUALIZATION BASICS
Virtual Machine Basics – Taxonomy of Virtual Machines – Hypervisor – Key Concepts –
Virtualization structure – Implementation levels of virtualization – Virtualization Types: Full
Virtualization – Para Virtualization – Hardware Virtualization – Virtualization of CPU,
Memory and I/O devices.
VIRTUAL MACHINE
A Virtual Machine (VM) is a compute resource that uses software instead of a physical computer
to run programs and deploy apps. One or more virtual “guest” machines run on a physical “host”
machine. A virtual machine (VM) is a digital version of a physical computer. Virtual machine
software can run programs and operating systems, store data, connect to networks, and do other
computing functions, and requires maintenance such as updates and system monitoring. A
virtual machine (VM) is a software-based computer that exists within another computer’s
operating system, often used for the purposes of testing, backing up data, or running SaaS
applications. To grasp how VMs work, it’s important to first understand how computer software
and hardware are typically integrated by an operating system.
How multiple virtual machines work
Multiple VMs can be hosted on a single physical machine, often a server, and then managed
using virtual machine software. This provides flexibility for compute resources (compute,
storage, network) to be distributed among VMs as needed, increasing overall efficiency. This
architecture provides the basic building blocks for the advanced virtualized resources we use
today, including cloud computing.
How does cloud computing use virtual machines?
Several cloud providers offer virtual machines to their customers. These virtual machines
typically live on powerful servers that can act as a host to multiple VMs and can be used for a
variety of reasons that wouldn’t be practical with a locally-hosted VM. These include:
Running SaaS applications - Software-as-a-service, or SaaS for short, is a cloud-based method
of providing software to users, in which an application is served to users over the Internet rather
than running on their computers. Often, it is virtual machines in the cloud that do the
computation for SaaS applications as well as delivering them to users. If the cloud provider has
a geographically distributed network edge, then the application will run closer to the user,
resulting in faster performance.
Backing up data - Cloud-based VM services are popular for backing up data, because the data
can be accessed from anywhere. Plus, cloud VMs provide better redundancy, require less
maintenance, and generally scale better than physical data centers. (For example, it’s relatively
easy to buy an extra gigabyte of storage space from a cloud VM provider, but much more
difficult to build a new local data server for that extra gigabyte of data.)
Hosting services like email and access management - Hosting these services on cloud VMs is
generally faster and more cost-effective, and helps minimize maintenance and offload security
concerns as well.
Browser isolation - Some browser isolation tools use cloud VMs to run web browsing activity
and deliver safe content to users via a secure Internet connection.
VIRTUALIZATION
• Virtualization is a technique that allows a single physical instance of an
application or resource to be shared among multiple organizations or tenants (customers).
Virtualization is hypervisor-based. The hypervisor isolates the OS and applications from
the underlying computer hardware so the host machine can run multiple VMs as guests
that share the system's physical compute resources, such as processor cycles, memory
space and network bandwidth.
• Virtualization is a proven technology that makes it possible to run multiple operating
systems and applications on the same server at the same time.
• Virtualization is the process of creating a logical (virtual) version of a server operating
system, a storage device, or network services.
• The technology that works behind virtualization is known as a virtual machine
monitor (VMM), or virtual manager, which separates compute environments from the actual
physical infrastructure.
• Virtualization -- the abstraction of computer resources.
• Virtualization hides the physical characteristics of computing resources from their users,
applications, or end users.
• This includes making a single physical resource (such as a server, an operating system, an
application, or storage device) appear to function as multiple virtual resources.
• It can also include making multiple physical resources (such as storage devices or
servers) appear as a single virtual resource.
• In computing, virtualization refers to the act of creating a virtual (rather than actual)
version of something, like computer hardware platforms, operating systems, storage
devices, and computer network resources.
• Creation of a virtual machine over existing operating system and hardware.
• Host machine: The machine on which the virtual machine is created.
• Guest machine: The virtual machine is referred to as a guest machine.
• Hypervisor: A hypervisor is firmware or a low-level program that acts as a Virtual
Machine Manager.
Figure 2.10 Virtualization Example
Advantages of Virtualization:
1. Reduced Costs.
2. Efficient hardware Utilization.
3. Virtualization leads to better resource Utilization and increase performance
4. Testing for software development.
5. Increase Availability
6. Save energy
7. Shifting all your Local Infrastructure to Cloud in a day
8. Possibility to Divide Services
9. Running application not supported by the host.
HYPERVISOR
A hypervisor is software that creates and runs virtual machines (VMs). A hypervisor, sometimes called a
virtual machine monitor (VMM), isolates the hypervisor operating system and resources from the virtual
machines and enables the creation and management of those VMs. A Cloud Hypervisor is software that
enables the sharing of cloud provider's physical compute and memory resources across multiple virtual
machines (VMs). The hypervisor is a hardware virtualization technique that allows multiple guest
operating systems (OS) to run on a single host system at the same time.
A hypervisor is a form of virtualization software used in Cloud hosting to divide and allocate the
resources on various pieces of hardware. The program which provides partitioning, isolation, or
abstraction is called a virtualization hypervisor. The hypervisor is a hardware virtualization technique
that allows multiple guest operating systems (OS) to run on a single host system at the same time. A
hypervisor is sometimes also called a virtual machine manager (VMM).
A hypervisor can run many operating systems on its own. Hypervisors are classified into types
according to the different ways in which they handle the OS. The classifications are:
Type 1 Hypervisor:
It is a hardware-based hypervisor with a single physical server at the base of the stack that doesn’t need
its own operating system. The next layer is the hypervisor, which is installed directly on the server; above
this, there is another layer of an OS. The Type 1 Hypervisor’s role is to run directly on the actual server
with direct access to hardware resources, obviating the need for the OS to be aware of the hypervisor
layer’s presence.
Examples of Type 1 Hypervisor are ESXi from VMware, Hyper-V from Microsoft, and Oracle VM
from Oracle.
Type 2 Hypervisor:
The software-based hypervisor also has one physical server at the bottom, which has a different OS
known as the host operating system that runs on the underlying host. This type is also called a
Hosted Hypervisor. Such hypervisors operate as applications within a host system rather than running
directly over the underlying hardware. The software is essentially put on an operating system. The
hypervisor requests hardware calls from the operating system.
Examples of Type 2 Hypervisor are VirtualBox from Oracle, VMware Workstation from VMware, and
Virtual PC from Microsoft.
IMPLEMENTATION LEVELS OF VIRTUALIZATION
Virtualization is a computer architecture technology by which multiple virtual machines
(VMs) are multiplexed in the same hardware machine. The purpose of a VM is to enhance
resource sharing by many users and improve computer performance in terms of resource
utilization and application flexibility. Hardware resources (CPU, memory, I/O devices, etc.) or
software resources (operating system and software libraries) can be virtualized in various
functional layers. The idea is to separate the hardware from the software to yield better system
efficiency. For example, computer users gained access to much enlarged memory space when the
concept of virtual memory was introduced. Similarly, virtualization techniques can be applied to
enhance the use of compute engines, networks and storage.
Levels of Virtualization:
A traditional computer runs with a host operating system specially tailored for its hardware
architecture, as shown in Figure 2.11 (a). After virtualization, different user applications
managed by their own operating systems (guest OS) can run on the same hardware, independent
of the host OS.
This is often done by adding additional software, called a virtualization layer as shown in
Figure 2.11 (b). This virtualization layer is known as hypervisor or virtual machine monitor
(VMM). The VMs are shown in the upper boxes, where applications run with their own guest OS
over the virtualized CPU, memory, and I/O resources. The main function of the software layer
for virtualization is to virtualize the physical hardware of a host machine into virtual resources to
be used by the VMs, exclusively. The virtualization software creates the abstraction of VMs by
interposing a virtualization layer at various levels of a computer system. Common virtualization
layers include the instruction set architecture (ISA) level, hardware level, operating system level,
library support level, and application level.
Figure 2.11 The architecture of a computer system before and after Virtualization
Fig: Virtualization Ranging From Hardware To Application In Five Abstraction Level
Instruction Set Architecture Level:
At the ISA level, virtualization is performed by emulating a given ISA by the ISA of the host
machine. For example, MIPS binary code can run on an x86-based host machine with the help of
ISA emulation. With this approach, it is possible to run a large amount of legacy binary code
written for various processors on any given new hardware host machine. Instruction set
emulation leads to virtual ISAs created on any hardware machine. The basic emulation method is
through code interpretation. An interpreter program interprets the source instructions to target
instructions one by one. One source instruction may require tens or hundreds of native target
instructions to perform its function. Obviously, this process is relatively slow. For better
performance, dynamic binary translation is desired.
This approach translates basic blocks of dynamic source instructions to target
instructions. The basic blocks can also be extended to program traces or super blocks to increase
translation efficiency. Instruction set emulation requires binary translation and optimization. A
virtual instruction set architecture (V-ISA) thus requires adding a processor-specific software
translation layer to the compiler.
Hardware Abstraction Level:
Hardware-level virtualization is performed right on top of the bare hardware. The idea is
to virtualize a computer’s resources, such as its processors, memory, and I/O devices. The
intention is to upgrade the hardware utilization rate by multiple users concurrently.
Operating System Level:
This refers to an abstraction layer between traditional OS and user applications. OS-level
virtualization creates isolated containers on a single physical server and the OS instances to
utilize the hardware and software in data centers. The containers behave like real servers. OS-level
virtualization is commonly used in creating virtual hosting environments to allocate hardware
resources among a large number of mutually distrusting users. It is also used, to a lesser extent,
in consolidating server hardware by moving services on separate hosts into containers or VMs on
one server.
Library Support Level:
Most applications use APIs exported by user level libraries rather than using lengthy system calls
by the OS. Since most systems provide well documented APIs, such an interface becomes
another candidate for virtualization. Virtualization with library interfaces is possible by
controlling the communication link between applications and the rest of a system through API
hooks. The software tool WINE has implemented this approach to support Windows
applications on top of UNIX hosts. Another example is the vCUDA which allows applications
executing within VMs to leverage GPU hardware acceleration.
User-Application Level:
Virtualization at the application level virtualizes an application as a VM. On a traditional
OS, an application often runs as a process. Therefore, application-level virtualization is also
known as process-level virtualization. The most popular approach is to deploy high level
language (HLL) VMs.
VMM Design Requirements and Providers
Hardware-level virtualization inserts a layer between real hardware and traditional
operating systems. This layer is commonly called the Virtual Machine Monitor (VMM) and it
manages the hardware resources of a computing system. Each time programs access the
hardware the VMM captures the process. VMM acts as a traditional OS. One hardware
component, such as the CPU, can be virtualized as several virtual copies. Therefore, several
traditional operating systems which are the same or different can sit on the same set of hardware
simultaneously.
Three requirements for a VMM
First, a VMM should provide an environment for programs which is essentially identical
to the original machine.
Second, programs run in this environment should show, at worst, only minor decreases in
speed.
Third, a VMM should be in complete control of the system resources.
Virtualization Support at the OS Level
With the help of VM technology, a new computing mode known as cloud
computing is emerging. Cloud computing is transforming the computing landscape by shifting
the hardware and staffing costs of managing a computational center to third parties, just like
banks. However, cloud computing has at least two challenges.
The first is the ability to use a variable number of physical machines and VM instances
depending on the needs of a problem.
The second challenge concerns the slow operation of instantiating new VMs.
Currently, new VMs originate either as fresh boots or as replicates of a template
VM, unaware of the current application state. Therefore, to better support cloud computing, a
large amount of research and development should be done.
Virtualization on Linux or Windows Platforms
Virtualization support on the Windows-based platform is still in the research stage. The
Linux kernel offers an abstraction layer to allow software processes to work with and operate on
resources without knowing the hardware details. New hardware may need a new Linux kernel to
support. Therefore, different Linux platforms use patched kernels to provide special support for
extended functionality.
VIRTUALIZATION TYPE
Para-Virtualization
Paravirtualization is a virtualization technique that provides an interface to virtual
machines that is similar to their underlying hardware. In paravirtualization, the guest operating
system is explicitly ported before installing a virtual machine because a non-tailored guest
operating system cannot run on top of a virtual machine monitor (VMM).
Para-virtualization needs to modify the guest operating systems. A para-virtualized VM
provides special APIs requiring substantial OS modifications in user applications. Performance
degradation is a critical issue of a virtualized system. No one wants to use a VM if it is much
slower than using a physical machine. The interaction of the guest operating system with the
hypervisor to improve performance and productivity is known as paravirtualization. Unlike full
virtualization, paravirtualization does not achieve full isolation; instead, the approach
implements partial isolation. It also alters the operating system kernel to use hypercalls
rather than non-virtualizable instructions. The goal of hypercalls is to communicate with the
virtualization layer hypervisor directly.
The hypervisor performs different functions in paravirtualization, such as the layout of the
hypercalls interface for other critical kernel services like memory management, timekeeping, and
interrupt handling. The main benefit of paravirtualization is that it may significantly minimize
virtualization overhead. The virtualization layer can be inserted at different positions in a
machine software stack. However, para-virtualization attempts to reduce the virtualization
overhead, and thus improve performance by modifying only the guest OS kernel. The guest
operating systems are para-virtualized. The traditional x86 processor offers four instruction
execution rings: Rings 0, 1, 2, and 3. The lower the ring number, the higher the privilege of
instruction being executed. The OS is responsible for managing the hardware and the privileged
instructions to execute at Ring 0, while user-level applications run at Ring 3.
Figure 2.14 Para-virtualized VM architecture
Para-Virtualization Architecture:
When the x86 processor is virtualized, a virtualization layer is inserted between the
hardware and the OS. According to the x86 ring definitions, the virtualization layer should also
be installed at Ring 0. The para-virtualization replaces nonvirtualizable instructions with
hypercalls that communicate directly with the hypervisor or VMM. However, when the guest OS
kernel is modified for virtualization, it can no longer run on the hardware directly.
Although para-virtualization reduces the overhead, it has incurred other problems. First,
its compatibility and portability may be in doubt, because it must support the unmodified OS as
well. Second, the cost of maintaining para-virtualized OSes is high, because they may require
deep OS kernel modifications. Finally, the performance advantage of para-virtualization varies
greatly due to workload variations.
Full virtualization
Full virtualization offers the best isolation and security for virtual machines, and
simplifies migration and portability as the same guest OS instance can run virtualized or on
native hardware. VMware's virtualization products and Microsoft Virtual Server are examples of
full virtualization.
Full virtualization is a virtualization technique used to provide a virtual machine environment
(VME) that completely simulates the underlying hardware. In this type of environment, any
software capable of execution on the physical hardware can be run in the VM, and any OS
supported by the underlying hardware can be run in each individual VM. It operates by combining
binary translation and direct compilation, where the guest operating system is completely separated
from the basic hardware and virtualization layer. As a result, whatever the virtual machines
produce, the underlying hardware is rewritten by a dynamic translator. It involves a lack of
expertise in virtualization on the guest OS end, and change is inevitable.
ESXi, VMware, and Microsoft Virtual Server are the technologies that provide full
virtualization capabilities. When an OS instruction is created, the hypervisor immediately
translates it during run-time and stores the result for future reference. At the same time, the
user-level instructions are run without changes at native speed. Although the primary goal of
storing the translated instructions during binary translation is to improve performance, it may
raise the cost of memory usage. Binary translation is another drawback of full virtualization
because it consumes a lot of time and may incur a huge performance overhead. I/O-intensive apps
are complicated to use in full virtualization.
Hardware virtualization
Hardware virtualization is the method used to create virtual versions of physical desktops
and operating systems. It uses a virtual machine manager (VMM) called a hypervisor to provide
abstracted hardware to multiple guest operating systems, which can then share the physical
hardware resources more efficiently.
• More Efficient Resource Utilization: Physical resources can be shared among
virtual machines.
• Lower Overall Costs Because of Server Consolidation.
• Increased Uptime Because of Advanced Hardware Virtualization Features.
• Increased IT Flexibility.
It is the abstraction of computing resources from the software that uses cloud resources. It
involves embedding virtual machine software into the server's hardware components. That
software is called the hypervisor. The hypervisor manages the shared physical hardware resources
between the guest OS & the host OS. The abstracted hardware is represented as actual hardware.
Virtualization means abstraction & hardware virtualization is achieved by abstracting the physical
hardware part using Virtual Machine Monitor (VMM) or hypervisor. Hypervisors rely on
command set extensions in the processors to accelerate common virtualization activities for
boosting the performance. The term hardware virtualization is used when VMM or virtual
machine software or any hypervisor gets directly installed on the hardware system. The primary
tasks of the hypervisor are process monitoring and memory and hardware control. After hardware
virtualization is done, different operating systems can be installed, and various applications can
run on it. Hardware virtualization, when done for server platforms, is also called server
virtualization.
VIRTUALIZATION OF CPU, MEMORY, AND I/O DEVICES
To support virtualization, processors such as the x86 employ a special running mode and
instructions, known as hardware-assisted virtualization. In this way, the VMM and guest OS run
in different modes and all sensitive instructions of the guest OS and its applications are trapped
in the VMM. To save processor states, mode switching is completed by hardware. For the
x86 architecture, Intel and AMD have proprietary technologies for hardware-assisted
virtualization.
Hardware Support for Virtualization: Modern operating systems and processors permit
multiple processes to run simultaneously. If there is no protection mechanism in a processor, all
instructions from different processes will access the hardware directly and cause a system crash.
Therefore, all processors have at least two modes, user mode and supervisor mode, to ensure
controlled access of critical hardware. Instructions running in supervisor mode are called
privileged instructions.
Other instructions are unprivileged instructions. In a virtualized environment, it is more
difficult to make OSes and applications run correctly because there are more layers in the
machine stack.
CPU Virtualization:
A VM is a duplicate of an existing computer system in which a majority of the VM
instructions are executed on the host processor in native mode. Thus, unprivileged instructions of
VMs run directly on the host machine for higher efficiency. Other critical instructions should be
handled carefully for correctness and stability. The critical instructions are divided into three
categories:
Privileged instructions - Privileged instructions execute in a privileged mode and will be
trapped if executed outside this mode.
Control sensitive instructions - Control-sensitive instructions attempt to change the
configuration of resources used.
Behavior-sensitive instructions - Behavior-sensitive instructions have different behaviors
depending on the configuration of resources, including the load and store
operations over the virtual memory.
A CPU architecture is virtualizable if it supports the ability to run the VM’s privileged
and unprivileged instructions in the CPU’s user mode while the VMM runs in supervisor mode.
When the privileged instructions including control- and behavior sensitive instructions of a VM
are executed, they are trapped in the VMM. In this case, the VMM acts as a unified mediator for
hardware access from different VMs to guarantee the correctness and stability of the whole
system. RISC CPU architectures can be naturally virtualized because all control- and behavior-
sensitive instructions are privileged instructions.
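The trap-and-emulate behaviour described above, as an added example that is not part of the original notes. The three-opcode toy ISA, the `vcpu` structure and the guest program are constructed for illustration; the example also goes one step beyond the text by running the same guest on an ISA where a behavior-sensitive instruction is not privileged, to show why the virtualizability condition matters.

```c
#include <stdbool.h>
#include <stdio.h>

enum { MODE_SUPERVISOR = 0, MODE_USER = 3 };
typedef enum { OP_ADD, OP_SET_PTBASE, OP_READ_MODE, OP_HALT } opcode;
typedef struct { opcode op; int arg; } insn;

/* Virtual CPU state the VMM keeps on behalf of one guest. */
typedef struct {
    int acc;     /* general-purpose register */
    int ptbase;  /* virtual page-table base (control-sensitive state) */
    int vmode;   /* mode the guest kernel believes it is running in */
    int traps;   /* number of exits into the VMM */
} vcpu;

/* ISA policy: does this opcode trap when executed in user mode?
 * OP_SET_PTBASE is privileged on both toy ISAs. OP_READ_MODE is
 * behavior-sensitive and is privileged only on the virtualizable ISA. */
static bool traps_in_user_mode(opcode op, bool virtualizable_isa)
{
    if (op == OP_SET_PTBASE) return true;
    if (op == OP_READ_MODE)  return virtualizable_isa;
    return false;
}

/* VMM trap handler: emulate the instruction against the virtual state. */
static void vmm_emulate(vcpu *v, insn i)
{
    v->traps++;
    if (i.op == OP_SET_PTBASE)     v->ptbase = i.arg;
    else if (i.op == OP_READ_MODE) v->acc = v->vmode;
}

/* Run a deprivileged guest kernel: the real CPU mode is always user mode. */
vcpu run_guest(const insn *prog, bool virtualizable_isa)
{
    vcpu v = { 0, 0, MODE_SUPERVISOR, 0 };
    for (const insn *p = prog; p->op != OP_HALT; p++) {
        if (traps_in_user_mode(p->op, virtualizable_isa))
            vmm_emulate(&v, *p);       /* sensitive: VMM mediates */
        else if (p->op == OP_ADD)
            v.acc += p->arg;           /* unprivileged: runs natively */
        else if (p->op == OP_READ_MODE)
            v.acc = MODE_USER;         /* no trap: guest reads the real mode */
    }
    return v;
}

/* Constructed guest kernel fragment. */
static const insn guest_kernel[] = {
    { OP_ADD, 5 }, { OP_SET_PTBASE, 0x1000 }, { OP_READ_MODE, 0 }, { OP_HALT, 0 },
};

int main(void)
{
    vcpu ok  = run_guest(guest_kernel, true);
    vcpu bad = run_guest(guest_kernel, false);
    printf("virtualizable ISA: mode seen=%d traps=%d\n", ok.acc, ok.traps);
    printf("flawed ISA:        mode seen=%d traps=%d\n", bad.acc, bad.traps);
    return 0;
}
```

On the flawed ISA the guest kernel reads user mode although it believes it runs in supervisor mode, and the VMM never sees the instruction, so it no longer mediates every sensitive operation.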
Hardware-Assisted CPU Virtualization:
This technique attempts to simplify virtualization because full or para-virtualization is
complicated. Intel and AMD add an additional mode called privilege mode level (some people
call it Ring -1) to x86 processors. Therefore, operating systems can still run at Ring 0 and the
hypervisor can run at Ring -1. All the privileged and sensitive instructions are trapped in the
hypervisor automatically. This technique removes the difficulty of implementing binary
translation of full virtualization. It also lets the operating system run in VMs without
modification.
Memory Virtualization:
Virtual memory virtualization is similar to the virtual memory support provided by
modern operating systems. In a traditional execution environment, the operating system
maintains mappings of virtual memory to machine memory using page tables, which is a
one-stage mapping from virtual memory to machine memory. All modern x86 CPUs include a
memory management unit (MMU) and a translation lookaside buffer (TLB) to optimize virtual
memory performance. However, in a virtual execution environment, virtual memory
virtualization involves sharing the physical system memory in RAM and dynamically
allocating it to the physical memory of the VMs. That means a two-stage mapping process
should be maintained by the guest OS and the VMM, respectively: virtual memory to physical
memory and physical memory to machine memory. Furthermore, MMU virtualization should be
supported, which is transparent to the guest OS. The guest OS continues to control the
mapping of virtual addresses to the physical memory addresses of VMs. But the guest
OS cannot directly access the actual machine memory. The VMM is responsible for
mapping the guest physical memory to the actual machine memory. Figure 2.16 shows
the two-level memory mapping procedure.
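The two-stage mapping described above, as an added example that is not part of the original notes. The table sizes, frame numbers and the `vm_memory` layout are constructed; the point is that the guest OS may write anything into its own page table, while the VMM-owned second stage decides which machine frames are reachable.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT   12
#define PAGE_MASK    ((1u << PAGE_SHIFT) - 1)
#define GUEST_VPAGES 4            /* guest-virtual pages per VM (toy size) */
#define GUEST_PPAGES 4            /* guest-physical pages the VM was given */
#define UNMAPPED     UINT32_MAX
#define XLATE_GUEST_FAULT (-1)    /* stage 1 miss: the guest OS handles it */
#define XLATE_VMM_FAULT   (-2)    /* stage 2 miss: the VMM refuses the access */

typedef struct {
    uint32_t gva_to_gpa[GUEST_VPAGES];  /* stage 1, written by the guest OS */
    uint32_t gpa_to_ma[GUEST_PPAGES];   /* stage 2, written only by the VMM */
} vm_memory;

/* Constructed sample: both VMs use identical guest page tables, but the VMM
 * backs them with disjoint machine frames. */
static vm_memory vms[2] = {
    { { 2, 0, UNMAPPED, 1 }, { 0x40, 0x41, 0x42, UNMAPPED } },
    { { 2, 0, UNMAPPED, 1 }, { 0x90, 0x91, 0x92, UNMAPPED } },
};

/* Walk both stages; returns the machine address or a negative fault code. */
int64_t translate(const vm_memory *vm, uint32_t gva)
{
    uint32_t vpn = gva >> PAGE_SHIFT;
    if (vpn >= GUEST_VPAGES || vm->gva_to_gpa[vpn] == UNMAPPED)
        return XLATE_GUEST_FAULT;
    uint32_t gpn = vm->gva_to_gpa[vpn];
    /* The guest controls gpn, so the VMM bounds-checks it before use. */
    if (gpn >= GUEST_PPAGES || vm->gpa_to_ma[gpn] == UNMAPPED)
        return XLATE_VMM_FAULT;
    return ((int64_t)vm->gpa_to_ma[gpn] << PAGE_SHIFT) | (gva & PAGE_MASK);
}

/* Model the guest OS editing its own page table, which it is free to do. */
void guest_set_pte(vm_memory *vm, uint32_t vpn, uint32_t gpn)
{
    if (vpn < GUEST_VPAGES)
        vm->gva_to_gpa[vpn] = gpn;
}

int main(void)
{
    /* Same guest-virtual address, different machine memory per VM. */
    printf("VM0 0x0010 -> 0x%llx\n", (long long)translate(&vms[0], 0x0010));
    printf("VM1 0x0010 -> 0x%llx\n", (long long)translate(&vms[1], 0x0010));
    /* The guest writes another VM's machine frame number into its own table.
     * Stage 2 treats it as a guest-physical page number and rejects it. */
    guest_set_pte(&vms[0], 2, 0x90);
    printf("VM0 0x2000 -> %lld\n", (long long)translate(&vms[0], 0x2000));
    return 0;
}
```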
I/O Virtualization:
I/O virtualization involves managing the routing of I/O requests between virtual devices
and the shared physical hardware. There are three ways to implement I/O virtualization:
Full device emulation
Para virtualization
Direct I/O
Figure 2.16 Two-level memory mapping procedure.
Full device emulation is the first approach for I/O virtualization. Generally, this
approach emulates well known, real-world devices. All the functions of a device or bus
infrastructure, such as device enumeration, identification, interrupts, and DMA, are
replicated in software. This software is located in the VMM and acts as a virtual device.
The I/O access requests of the guest OS are trapped in the VMM which interacts with the
I/O devices. A single hardware device can be shared by multiple VMs that run
concurrently. However, software emulation runs much slower than the hardware it
emulates. The paravirtualization method of I/O virtualization is typically used in Xen. It
is also known as the split driver model consisting of a frontend driver and a backend
driver. The frontend driver is running in Domain U and the backend driver is running in
Domain 0. They interact with each other via a block of shared memory. The frontend
driver manages the I/O requests of the guest OSes and the backend driver is responsible
for managing the real I/O devices and multiplexing the I/O data of different VMs.
Although para I/O-virtualization achieves better device performance than full device
emulation, it comes with a higher CPU overhead.
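The split driver model described above, as an added example that is not part of the original notes and is not Xen's actual ring code. It is a single-threaded simulation with a constructed request format, ring size and 16-sector virtual disk; it shows the frontend queuing requests in shared memory and the backend copying and checking each one before touching the real device, since everything in the shared block is guest-writable.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RING_SLOTS   4u    /* requests the shared block can hold */
#define DISK_SECTORS 16u   /* size of this guest's virtual disk */
#define SECTOR_SIZE  8u    /* toy sector size in bytes */

typedef struct {
    uint32_t sector;
    uint8_t  is_write;
    uint8_t  data[SECTOR_SIZE];
} io_req;

typedef struct {
    uint32_t prod;              /* advanced by the frontend (Domain U) */
    uint32_t cons;              /* advanced by the backend (Domain 0) */
    io_req   slot[RING_SLOTS];
} shared_ring;

static shared_ring demo_ring;                     /* the shared memory block */
static uint8_t disk[DISK_SECTORS][SECTOR_SIZE];   /* device owned by Domain 0 */
static int backend_rejected;                      /* requests refused so far */

/* Frontend driver: queue one request; returns 0, or -1 if the ring is full. */
int frontend_submit(shared_ring *r, uint32_t sector, int is_write,
                    const char *payload)
{
    if (r->prod - r->cons >= RING_SLOTS)
        return -1;
    io_req *q = &r->slot[r->prod % RING_SLOTS];
    size_t n = strlen(payload);
    if (n > SECTOR_SIZE)
        n = SECTOR_SIZE;
    memset(q, 0, sizeof *q);
    q->sector = sector;
    q->is_write = (uint8_t)(is_write != 0);
    memcpy(q->data, payload, n);
    r->prod++;
    return 0;
}

/* Backend driver: drain the ring and return the number of completed requests. */
int backend_service(shared_ring *r)
{
    int completed = 0;
    uint32_t pending = r->prod - r->cons;   /* indices are guest-writable too */
    if (pending > RING_SLOTS)
        pending = RING_SLOTS;
    while (pending--) {
        /* Copy the request out of shared memory first, then validate the
         * private copy, so the guest cannot change it after the check. */
        io_req q = r->slot[r->cons % RING_SLOTS];
        r->cons++;
        if (q.sector >= DISK_SECTORS) {     /* outside this VM's disk */
            backend_rejected++;
            continue;
        }
        if (q.is_write)
            memcpy(disk[q.sector], q.data, SECTOR_SIZE);
        completed++;
    }
    return completed;
}

int main(void)
{
    frontend_submit(&demo_ring, 3, 1, "hello");
    frontend_submit(&demo_ring, 999, 1, "oops");   /* beyond the virtual disk */
    int done = backend_service(&demo_ring);
    printf("completed=%d rejected=%d sector3=%s\n",
           done, backend_rejected, (char *)disk[3]);
    return 0;
}
```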
Figure 2.17 Device emulation for I/O virtualization implemented inside the
middle layer that maps real I/O devices into the virtual devices for the guest
device driver to use.