Modern Systems: IBM VM/370 and Xen

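This chapter introduces virtualization in modern operating systems. The benefits of virtualization include making full use of machines, easier debugging and monitoring of operating systems, and portability. It also covers Xen and the Art of Virtualization, full virtualization and partial virtualization, and states that full virtualization and paravirtualization will continue to evolve together.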

1.Virtualization: IBM VM/370 and Xen
Hakim Weatherspoon, CS6410

2.IBM VM/370
- Robert Jay Creasy (1939-2005)
- Project leader of the first full virtualization hypervisor: IBM CP-40, a core component in the VM system
- The first VM system: VM/370

3.Virtual Machine: Origin
- IBM CP/CMS
- CP-40
- CP-67
- VM/370

4.Why Virtualize
- Underutilized machines
- Easier to debug and monitor OS
- Portability
- Isolation
- The cloud (e.g. Amazon EC2, Google Compute Engine, Microsoft Azure)

5.IBM VM/370
- Hardware: System/370
- Hypervisor: Control Program (CP)
- Virtual machines:
  - Conversational Monitor System (CMS)
  - Mainstream OS (MVS, DOS/VSE etc.)
  - Specialized VM subsystem (RSCS, RACF, GCS)
  - Another copy of VM

6.IBM VM/370
- Technology: trap-and-emulate
- Diagram labels: Kernel, Application, Privileged, Problem, CP, Trap, Emulate

7.Classic Virtual Machine Monitor (VMM)

8.Virtualization: rejuvenation
- 1960's: first track of virtualization
  - Time and resource sharing on expensive mainframes
  - IBM VM/370
- Late 1970's and early 1980's: became unpopular
  - Cheap hardware and multiprocessing OS
- Late 1990's: became popular again
  - Wide variety of OS and hardware configurations
  - VMware
- Since 2000: hot and important
  - Cloud computing
  - Docker containers

9.Full Virtualization
- Complete simulation of underlying hardware
- Unmodified guest OS
- Trap and simulate privileged instruction
- Was not supported by x86 (Not true anymore, Intel VT-x)
- Guest OS can't see real resources

10.Paravirtualization
- Similar but not identical to hardware
- Modifications to guest OS
- Hypercall
- Guest OS registers handlers
- Improved performance

11.VMware ESX Server
- Full virtualization
- Dynamically rewrite privileged instructions
- Ballooning
- Content-based page sharing

12.Denali
- Paravirtualization
- 1000s of VMs
- Security & performance isolation
- Did not support mainstream OSes
- VM uses single-user single address space

13.Xen and the Art of Virtualization

14.Xen
- University of Cambridge, MS Research Cambridge
- XenSource, Inc.
- Released in 2003 and published in SOSP 2003
- Acquired by Citrix Systems in 2007 for $500M
- Now in RHEL5, Solaris, SUSE Linux Enterprise 10, EC2

15.Xen and the art of virtualization
- SOSP'03
- Very high impact (data collected in 2013)

16.Xen
- No changes to ABI (application binary interface)
- Full multi-application OS
- Paravirtualization
- Real and virtual resources
- Up to 100 VMs

17.Virtualization on x86 architecture
Challenges:
- Correctness: not all privileged instructions produce traps!
  - Example: popf
- Performance:
  - System calls: traps in both enter and exit (10X)
  - I/O performance: high CPU overhead
  - Virtual memory: no software-controlled TLB

18.Xen
- Xen 3.0 and up supports full virtualization with hardware support
- See backup slides

19.Xen architecture

20.Domain 0
- Management interface
- Created at boot time
- Policy from mechanism
- Privileged

21.Control Transfer
- Hypercalls
- Lightweight events

22.Interface: Memory Management
- Guest OSes manage their own page tables
- Register pages with Xen
- No direct write access
- Updates through Xen
- Hypervisor @ top 64MB of every address space
- 2018: security issues with Meltdown/Spectre
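
An added example (not from the slides or the Xen source): a simplified C model of the memory-management interface on slide 22, where a guest registers page-table frames and every update is validated by the hypervisor. The frame table, function names and error codes are assumptions made for illustration.

```c
#include <stdio.h>

#define NFRAMES 8
#define PT_ENTRIES 4
enum ftype { F_NONE, F_PAGETABLE, F_WRITABLE };
struct frame { int owner; enum ftype type; int wr_refs; }; /* hypervisor's per-frame record */
struct pte { int present, frame, writable; };

static struct frame frames[NFRAMES];
static struct pte tables[NFRAMES][PT_ENTRIES]; /* page-table contents, indexed by frame */

/* Guest registers one of its own frames as a page table, giving up write access to it. */
int hv_register_pt(int dom, int f) {
    if (f < 0 || f >= NFRAMES || frames[f].owner != dom) return -1;
    if (frames[f].wr_refs > 0) return -2; /* still mapped writable somewhere */
    frames[f].type = F_PAGETABLE;
    return 0;
}

/* Guest asks the hypervisor to install a PTE; nothing is written until all checks pass. */
int hv_mmu_update(int dom, int pt, int idx, int target, int writable) {
    if (pt < 0 || pt >= NFRAMES || idx < 0 || idx >= PT_ENTRIES ||
        target < 0 || target >= NFRAMES) return -1;
    if (frames[pt].owner != dom || frames[pt].type != F_PAGETABLE) return -2;
    if (frames[target].owner != dom) return -3; /* another domain's memory */
    if (writable && frames[target].type == F_PAGETABLE) return -4; /* would bypass validation */
    struct pte *e = &tables[pt][idx];
    if (e->present && e->writable && --frames[e->frame].wr_refs == 0)
        frames[e->frame].type = F_NONE; /* last writable mapping removed */
    *e = (struct pte){ 1, target, writable };
    if (writable) { frames[target].wr_refs++; frames[target].type = F_WRITABLE; }
    return 0;
}

/* Constructed scenario: domain 1 owns frames 0-3, domain 2 owns frames 4-7. */
void setup(void) {
    for (int i = 0; i < NFRAMES; i++) {
        frames[i] = (struct frame){ i < 4 ? 1 : 2, F_NONE, 0 };
        for (int j = 0; j < PT_ENTRIES; j++) tables[i][j] = (struct pte){ 0, 0, 0 };
    }
}

int main(void) {
    setup();
    printf("register frame 0 as page table: %d\n", hv_register_pt(1, 0));
    printf("map own frame 1 writable:       %d\n", hv_mmu_update(1, 0, 0, 1, 1));
    printf("map domain 2's frame 5:         %d\n", hv_mmu_update(1, 0, 1, 5, 0));
    printf("map page table 0 writable:      %d\n", hv_mmu_update(1, 0, 2, 0, 1));
    return 0;
}
```

The two rejected requests are the isolation property: a guest cannot map another domain's frame, and cannot obtain a writable mapping of a page table it has registered.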

23.Interface: CPU
- Xen in ring 0, OS in ring 1, everything else in ring 3
- "Fast" exception handler
- Xen handles page fault exceptions
- Double faulting

24.Interface: Device I/O
- Shared-memory, asynchronous buffer descriptor I/O rings

25.Subsystem Virtualization
- CPU Scheduling: Borrowed Virtual Time
- Real, virtual, and wall clock times
- Virtual address translation: updates through hypercall
- Physical memory: balloon driver, translation array
- Network: VFR, VIF
- Disk: VBD

26.Porting effort

27.Evaluation: Relative Performance

28.Evaluation: Concurrent Virtual Machines

29.Conclusion
- x86 architecture makes virtualization challenging
- Full virtualization
  - unmodified guest OS; good isolation
  - Performance issue (especially I/O)
- Para virtualization:
  - Better performance (potentially)
  - Need to update guest kernel
- Full and para virtualization will keep evolving together