OS Virtualization

Tanenbaum 8.3
See references
 Outline
• Background
• What is Virtualization?
• Why would we want it?
• Why is it hard?
• How do we do it?
• Choices

cs431-cotter 2
MicroKernel
 What is Virtualization?
• OS virtualization
– Create a platform that emulates a hardware
platform and allow multiple instances of an
OS to use that platform, as though they have
full and exclusive access to the underlying
hardware

cs431-cotter 4
 What is Virtualization?

Applications Applications Applications Applications

OS 1 OS 2 OS 3 OS 4

Virtualization Platform

Hardware

cs431-cotter 5
 Virtualization – Why?
• Server Consolidation
– Often many servers support 1 major application
– Strong isolation between VMs
– Virtualization saves on hardware & energy
• Disaster Recovery
• High Availability
• Testing and Deployment

cs431-cotter 6
 Virtualization – Why?
• Desktop Consolidation
– Support for legacy applications
– Software Development
– Training

cs431-cotter 7
 The Problem
• OS uses kernel mode / user mode to
protect the OS.
– System calls (privileged instructions) generate
a trap (software interrupt) that forces a switch
to kernel mode
– These calls trigger sensitive instructions (I/O,
MMU control, etc.) that must only be executed
by the kernel

cs431-cotter 8
 The Problem
• If our VM now runs in user space, we
cannot run sensitive instructions in it, since
those must trap to kernel space.
• Solved in 2005 with new CPUs
– Intel Core 2 – VT (Virtualization Technology)
– AMD Pacific – SVM (Secure Virtual Machine)
– Provides new instructions that allow VM to
capture traps

cs431-cotter 9
 Implementation
• Type 1 Hypervisor
• Type 2 Hypervisor
• Paravirtualization

cs431-cotter 10
 Type 1 Hypervisor
• Runs on “bare metal”
• Virtual machines run in user mode
– VM runs the guest OS (which thinks it is
running in kernel mode) – Virtual kernel Mode
– If guest OS calls sensitive instructions,
hypervisor will trap and execute the
instructions.
– If application on guest OS calls sensitive
instructions (system calls), hypervisor traps to
guest OS.
cs431-cotter 11
 Type 1 Hypervisors

Figure 8-26. When the operating system in a virtual machine

executes a kernel-only instruction, it traps to the hypervisor if
virtualization technology is present.

cs431-cotter 12
Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639
 Type 2 Hypervisor
• Runs from within a OS.
• Supports guest OSs above it.
– Boot from CD to load new OS
– Read in code, looking for basic blocks
– Then inspect basic block to find sensitive instructions.
If found, replace with VM call (process called binary
translation)
– Then, cache block and execute.
– Eventually all basic blocks will be modified and
cached, and will run at near native speed.

cs431-cotter 13
 Type 2 Hypervisor

Applications Applications Applications

OS 1 OS 2 OS 3

Virtualization Platform Applications

Base Operating System

Hardware

cs431-cotter 14
 Paravirtualization
• Modify Guest OS so that all calls to
sensitive instructions are changed to
hypervisor calls.
• Much easier (and more efficient) to modify
source code than to emulate hardware
instructions (as in binary translation).
• In effect, turns the hypervisor into a
microkernel.

cs431-cotter 15
 Paravirtualization (1)

Figure 8-27. A hypervisor supporting both true

virtualization and paravirtualization.
cs431-cotter 16
Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639
 Problems with Paravirtualization
• Paravirtualized systems won’t run on
native hardware
• There are many different paravirtualization
systems that use different commands, etc.
– VMware, Xen, etc.
• Proposed solution:
– Modify the OS kernel so that it calls a special
set of procedures to execute sensitive
instructions (Virtual Machine Interface )
• Bare metal – link to library that implement code
• On VM – link to VM specific library
cs431-cotter 17
 Paravirtualization (2)

Figure 8-28. VMI Linux running on (a) the bare

hardware (b) VMware (c) Xen.
cs431-cotter 18
Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639
 Products (partial List)
• Microsoft – Virtual PC, Hyper-V
• QEMU – Processor Emulation & VM
• Sun Microsystems – xVM, VirtualBox
• VMware – ESX Server, Workstation,
Fusion, Player, Server
• Xen – Xen
• VirtualIron

cs431-cotter 19
 Memory Virtualization
• OS tracks mapping of virtual memory
pages to physical memory pages.
• Builds page tables, then update paging
register (trap).
• Allow hypervisor to manage page
mapping, and use shadow page tables for
the VMs

cs431-cotter 20
 Memory Virtualization
• Changes to page tables do NOT trap!
– One solution: Mark shadow page tables as
read only. Then when VM tries to write to
table, page fault traps to hypervisor.
– Paravirtualized OS: Since OS has been
modified to account for hypervisor, page table
updates can be followed by call to hypervisor
about changes.

cs431-cotter 21
 I/O Virtualization
• Each guest OS holds its own “partition”.
– Typically implemented as a file or region on
disk
– Hypervisor must convert guest OS address
(block #) into physical address in region
– May convert between storage types.
– Must deal with DMA requests

cs431-cotter 22
 VM on Multi-core CPUs
• Each core can be configured for multiple
virtual machines.
– A Quad-core CPU could be configured as a
32 node multi-computer
– Limiting factor is often memory. Each guest
OS has its own requirements (512 MB?)

cs431-cotter 23
 Installing a Virtual machine
• Will first install VirtualBox as hypervisor
• Base OS is Windows 7
• Guest OS will be Ubuntu 12.04.1

cs431-cotter 24
 Installing VirtualBox

cs431-cotter 25
 Installing VirtualBox

cs431-cotter 26
 Installing VirtualBox

cs431-cotter 27
 Installing VirtualBox

cs431-cotter 28
 Installing Ubuntu VM

cs431-cotter 29
 Installing Ubuntu VM

cs431-cotter 30
 Installing Ubuntu VM

cs431-cotter 31
 Installing Ubuntu VM

cs431-cotter 32
Installing
Ubuntu
VM

cs431-cotter 33
 Installing Ubuntu VM

cs431-cotter 34
 Installing Ubuntu VM

cs431-cotter 35
 Installing Ubuntu VM

cs431-cotter 36
 Summary
• Virtualization provides a way to
consolidate OS installations onto fewer
hardware platforms
• 3 basic approaches
– type 1 hypervisor
– type 2 hypervisor
– Paravirtualization
• Must also account for virtual access to
shared resources (memory, I/O)
cs431-cotter 37
 References
• Virtual Machine Interface
– http://vmi.ncsa.uiuc.edu/
• VirtualBox
– https://www.virtualbox.org
• Xen Hypervisor (Red Hat Linux)
– http://www.xen.org/
• Virtual PC 2007
– http://www.microsoft.com
cs431-cotter 38
 Questions
• In terms of resource allocation does a type 1
hypervisor leave more or less space for guest
OSs than a type 2 hypervisor? Why?
• In terms of a access to a guest OS, what is the
difference between a bridged interface and a
NAT interface?
• What changes are needed to convert a guest
OS into a paravirtualized OS?
• Why has virtualization not been available on
PCs until recently (2005)?
cs431-cotter 39