Virtualization

and Cloud
Computing
Definition
 Virtualization is the ability to run multiple operating systems on a
single physical system and share the underlying hardware
resources.
 It is the process by which one computer hosts the appearance of
many computers.
 Virtualization is used to improve IT throughput and costs by using
physical resources as a pool from which virtual resources can be
allocated.
 Virtualization
 Virtualization is a computer architecture technology by which multiple
virtual machines (VMs) are multiplexed in the same hardware
machine.
 The purpose of a VM is to enhance resource sharing by many users
and improve computer performance in terms of resource utilization
and application flexibility.
 Hardware resources (CPU, memory, I/O devices, etc.) or software
resources (operating system and software libraries) can be virtualized
in various functional layers.
 The idea is to separate the hardware from the software to yield better
system efficiency. For example, computer users gained access to
much enlarged memory space when the concept of virtual memory
was introduced.
 Similarly, virtualization techniques can be applied to enhance the use
of compute engines, networks, and storage.
Virtualization Architecture
• A Virtual machine (VM) is an isolated
runtime environment (guest OS and
applications)
• Multiple virtual systems (VMs) can run on
a single physical system
Hypervisor
 A hypervisor, a virtual machine manager/monitor (VMM), or
virtualization manager, is a program that allows multiple operating
systems to share a single hardware host.
 Each guest operating system appears to have the host's
processor, memory, and other resources all to itself. However, the
hypervisor is actually controlling the host processor and resources,
allocating what is needed to each operating system in turn and
making sure that the guest operating systems (called virtual
machines) cannot disrupt each other.
Benefits of Virtualization
 Sharing of resources helps cost reduction
 Isolation: Virtual machines are isolated from each other as if they
are physically separated
 Encapsulation: Virtual machines encapsulate a complete
computing environment
 Hardware Independence: Virtual machines run independently of
underlying hardware
 Portability: Virtual machines can be migrated between different
hosts.
Virtualization in Cloud Computing
Cloud computing takes virtualization one step further:
 You don’t need to own the hardware
 Resources are rented as needed from a cloud
 Various providers allow creating virtual servers:
 Choose the OS and software each instance will have
 The chosen OS will run on a large server farm
 Can instantiate more virtual servers or shut down existing ones within
minutes
 You get billed only for what you used
Implementation Levels of
Virtualization
A traditional computer runs with a host operating system specially
tailored for its hardware architecture, as shown in Figure. After
virtualization, different user applications are managed by their own
operating systems (guest OS) can run on the same hardware,
independent of the host OS. This is often done by adding additional
software, called a virtualization layer.
 This virtualization layer is known as hypervisor or
virtual machine monitor (VMM). The VMs are
shown in the upper boxes, where applications run
with their own guest OS over the virtualized CPU,
memory, and I/O resources.
 The main function of the software layer for
virtualization is to virtualize the physical hardware
of a host machine into virtual resources to be
used by the VMs, exclusively.
Virtualization levels
 Instruction Set Architecture
 Level
At the ISA level, virtualization is performed by emulating a given ISA by the
ISA of the host machine.
 For example, MIPS binary code can run on an x86-based host machine with
the help of ISA emulation.
 With this approach, it is possible to run a large amount of legacy binary code
written for various processors on any given new hardware host machine.
 Instruction set emulation leads to virtual ISAs created on any hardware
machine.
 The basic emulation method is through code interpretation. An interpreter
program interprets the source instructions to target instructions one by one.
 One source instruction may require tens or hundreds of native target
instructions to perform its function. Obviously, this process is relatively slow.
 For better performance, dynamic binary translation is desired. This approach
translates basic blocks of dynamic source instructions to target instructions.
 The basic blocks can also be extended to program traces or super blocks to
increase translation efficiency.
 Instruction set emulation requires binary translation and optimization. A
virtual instruction set architecture (V-ISA) thus requires adding a processor-
specific software translation layer to the compiler.
 Hardware Abstraction
 Level virtualization is performed right on top of the
Hardware-level
bare hardware.
 On the one hand, this approach generates a virtual hardware
environment for a VM.
 On the other hand, the process manages the underlying
hardware through virtualization.
 The idea is to virtualize a computer’s resources, such as its
processors, memory, and I/O devices.
 The intention is to upgrade the hardware utilization rate by
multiple users concurrently.
 The idea was implemented in the IBM VM/370 in the 1960s.
 More recently, the Xen hypervisor has been applied to virtualize
x86-based machines to run Linux or other guest OS
applications.
 Operating System Level
 This refers to an abstraction layer between traditional OS and
user applications.
 OS-level virtualization creates isolated containers on a single
physical server and the OS instances to utilize the hardware and
software in data centers.
 The containers behave like real servers. OS-level virtualization
is commonly used in creating virtual hosting environments to
allocate hardware resources among a large number of mutually
distrusting users.
 It is also used, to a lesser extent, in consolidating server
hardware by moving services on separate hosts into containers
or VMs on one server.
 Library Support Level
 Most applications use APIs exported by user-level libraries
rather than using lengthy system calls by the OS.
 most systems provide well-documented APIs, such an
interface becomes another candidate for virtualization.
 Virtualization with library interfaces is possible by controlling
the communication link between applications and the rest of
a system through API hooks.
 The software tool WINE has implemented this approach to
support Windows applications on top of UNIX hosts.
 Another example is the vCUDA which allows applications
executing within VMs to leverage GPU hardware acceleration.
 User-Application Level
 Virtualization at the application level virtualizes an
application as a VM. On a traditional OS, an application
often runs as a process.
 Therefore, application-level virtualization is also known as
Virtual Machines and Virtualization of Clusters and Data
Centers process-level virtualization.
 The most popular approach is to deploy high level
language (HLL) VMs.
 In this scenario, the virtualization layer sits as an
application program on top of the operating system, and
the layer exports an abstraction of a VM that can run
programs written and compiled to a particular abstract
machine definition. Any program written in the HLL and
compiled for this VM will be able to run on it.
 The Microsoft .NET CLR and Java Virtual Machine (JVM) are
two good examples of this class of VM.
 User-Application Level
 Other forms of application-level virtualization are known as
application isolation, application sandboxing, or application
streaming.
 The process involves wrapping the application in a layer that is
isolated from the host OS and other applications.
 The result is an application that is much easier to distribute and
remove from user workstations.
 An example is the LANDesk application virtualization platform
which deploys software applications as self-contained,
executable files in an isolated environment without requiring
installation, system modifications, or elevated security
privileges
Types of Virtualization

 Full Virtualization
 Para Virtualization
 Hardware Virtualization
 Virtualization of CPU, Memory and I/O devices.
OS Virtualization
OS Virtualization
OS Virtualization
OS Virtualization
OS Virtualization
 Type 1 Hypervisor
 A hypervisor that can be natively installed and run directly on a physical
host is called a Type 1 hypervisor.

 A Type 1 hypervisor can be directly installed on a bare-metal system or

physical host.

 It does not require an operating system(OS) to be installed or available

first, in order to deploy itself on a server.

 Direct access to CPU, Memory, Network, Physical storage.

 Hardware utilization is more efficient, delivering the best performance.
 Better security because of an absence of any extra layer for hardware
access.
 Each type 1 hypervisor always requires a dedicated physical machine.
 Can cost more and suitable more for enterprise grade solutions.
 VMware ESXi, Citrix Hypervisor and Microsoft Hyper-V are some examples
of Type 1 Hypervisors.
Type 2 Hypervisor
 A hypervisor that cannot be natively installed and requires an
operating system to run on a physical host is called a Type 2
hypervisor.
 A Type 2 hypervisor cannot be directly installed on a bare-metal
system or physical host.
 It requires an operating system to be installed or available first,
in order to deploy itself.
 Indirect access to CPU, Memory, Network, Physical storage.
 Because of an extra layer(OS) to access resources, hardware
utilization can be less efficient and lag in performance.
 Potential security risks because of the availability of the host
operating system.
 Each type 2 hypervisor does not require a dedicated physical
machine. There can be many on a single host.
Binary Translation with Full
Virtualization
 Depending on implementation technologies, hardware
virtualization can be classified into two categories: full
virtualization and host-based virtualization.
 Full virtualization does not need to modify the host OS.
 It relies on binary translation to trap and to virtualize the
execution of certain sensitive, non-virtualizable instructions.
 The guest OSes and their applications consist of non-critical
and critical instructions.
 In a host-based system, both a host OS and a guest OS are
used.
 A virtualization software layer is built between the host OS
and the Guest OS.
 Full Virtualization
 With full virtualization, non-critical instructions run on the
hardware directly while critical instructions are discovered and
replaced with traps into the VMM to be emulated by software.
 Both the hypervisor and VMM approaches are considered full
virtualization.
 Why are only critical instructions trapped into the VMM?
 This is because binary translation can incur a large performance
overhead. Noncritical instructions do not control hardware or
threaten the security of the system, but critical instructions do.
 Therefore, running noncritical instructions on hardware not only
can promote efficiency, but also can ensure system security.
 Binary Translation of Guest OS
Requests Using a VM
 This approach was implemented by VMware and many other software
companies.
 As shown in Figure in next slide,
 VMware puts the VMM at Ring 0 and the guest OS at Ring 1. The VMM
scans the instruction stream and identifies the privileged, control- and
behavior-sensitive instructions.
 When these instructions are identified, they are trapped into the VMM,
which emulates the behavior of these instructions.
 The method used in this emulation is called binary translation.
 Therefore, full virtualization combines binary translation and direct
execution.
 The guest OS is completely decoupled from the underlying hardware.
Consequently, the guest OS is unaware that it is being virtualized.
 The performance of full virtualization may not be ideal, because it
involves binary translation which is rather time-consuming.

 Binary Translation of Guest OS
Requests Using a VM - Contd
 In particular, the full virtualization of I/O-intensive
applications is a really a big challenge.
 Binary translation employs a code cache to store
translated hot instructions to improve performance, but it
increases the cost of memory usage.
 The performance of full virtualization on the x86
architecture is typically 80 percent to 97 percent that of
the host machine.
 Host-Based Virtualization
 An alternative VM architecture is to install a virtualization layer on
top of the host OS.
 This host OS is still responsible for managing the hardware. The
guest OSes are installed and run on top of the virtualization layer.
 Dedicated applications may run on the VMs. Certainly, some other
applications can also run with the host OS directly.
 This host based architecture has some distinct advantages.
 First, the user can install this VM architecture without modifying the
host OS. The virtualizing software can rely on the host OS to provide
device drivers and other low-level services.
 This will simplify the VM design and ease its deployment.
 Second, the host-based approach appeals to many host machine
configurations. Compared to the hypervisor/VMM architecture, the
performance of the host-based architecture may also be low.
 When an application requests hardware access, it involves four
layers of mapping which downgrades performance significantly.
 When the ISA of a guest OS is different from the ISA of the
underlying hardware, binary translation must be adopted. Although
the host-based architecture has flexibility, the performance is too
 Para-Virtualization with Compiler Support

 Para-virtualization needs to modify the guest operating

systems.
 A para-virtualized VM provides special APIs requiring
substantial OS modifications in user applications.
 Performance degradation is a critical issue of a virtualized
system. No one wants to use a VM if it is much slower than
using a physical machine.
 The virtualization layer can be inserted at different
positions in a machine software stack.
 However, para-virtualization attempts to reduce the
virtualization overhead, and thus improve performance by
modifying only the guest OS kernel.
Para-Virtualization Architecture
 Figure illustrates the concept of a para-virtualized VM
architecture.
 Para-Virtualization Architecture
 The guest operating systems are para-virtualized.
 They are assisted by an intelligent compiler to replace the
nonvirtualizable OS instructions by hypercalls as illustrated in
Figure .
 The traditional x86 processor offers four instruction execution
rings: Rings 0, 1, 2, and 3.
 The lower the ring number, the higher the privilege of
instruction being executed.
 The OS is responsible for managing the hardware and the
privileged instructions to execute at Ring 0, while user-level
applications run at Ring 3.
 The best example of para-virtualization is the KVM.