





































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This lecture is from Operating System Design and Implementation course. Its key words are: Virtualization, Process Abstraction, Pseudo Machine, Kernel Stack, Virtualization Stack, Virtualization in Enterprise, Os Services, Feasibility Issues, Performance Issues, Full System Simulation, System Emulation Techniques, Dynamic Translation, Goldberg Theorem, Paravirtualization, Physical Memory Map
Typology: Slides
1 / 77
This page cannot be seen from the preview
Don't miss anything!






































































based on material from :
Nov 25, 2013
Outline ● (^) Introduction (^) What, why? ● (^) Basic techniques (^) Simulation (^) Binary translation ● (^) Kinds of instructions ● (^) Virtualization (^) x86 Virtualization (^) Paravirtualization ● (^) Summary
Process vs. Virtualization ● (^) The Process abstraction is a “weak, fuzzy” form of virtualization (^) Many process resources exactly match machine resources ● (^) %eax, %ebx, … (^) Some machine resources are not visible to processes ● (^) %cr (^) Some process resources are “inspired by” hardware ● (^) SIGALARM (^) Some process resources are “invented” - don't match any hardware feature ● (^) “current directory” and “umask” ● (^) Virtualization is “more like hardware” than processes (^) What runs inside virtualization is an operating system Process : Kernel :: Kernel :?
Process vs. Virtualization ● (^) The Process abstraction is a “weak, fuzzy” form of virtualization (^) Many process resources exactly match machine resources ● (^) %eax, %ebx, … (^) Some machine resources are not visible to processes ● (^) %cr (^) Some process resources are “inspired by” hardware ● (^) SIGALARM (^) Some process resources are “invented” - don't match any hardware feature ● (^) “current directory” and “umask” ● (^) Virtualization is “more like hardware” than processes (^) What runs inside virtualization is an operating system Process : Kernel :: Kernel : Virtual-machine monitor
Disadvantages of the Process Abstraction ● (^) Processes share the fle system (^) Diffcult to simultaneously use different versions of: ● (^) Programs, libraries, confgurations ● (^) Single machine owner: (^) root is the superuser (^) Any process that attains superuser privileges controls all processes ● (^) Processes share the same kernel (^) Kernels are huge , lots of possibly-buggy code ● (^) Processes have limited degree of protection, even from each other (^) Linux “OOM killer” can kill one process if another uses lots of memory ● (^) Overall, processes aren't that isolated from each other...
Process Kernel Process Process Physical Machine Process/Kernel Stack
Why Use Virtualization? ● (^) Run two operating systems on the same machine! (^) “Windows+Linux” was VMware's frst business model (^) Hobbyists like to run ancient-history OS's ● (^) Debugging OS's is more pleasant (^) Also: instrumenting what an OS does (^) Monitoring a captive OS for security infestations ● (^) “Process abstraction” at the kernel layer (^) Separate fle system (^) Multiple machine owners (^) Better protection than one kernel's processes (in theory) ● (^) “Small, secure” hypervisor, “small, fair” scheduler
Why Use Virtualization? ● (^) Huge impact on enterprise hosting (^) No longer need to sell whole machines (^) Sell machine slices ● (^) “xx GB RAM, yy cores” - smoother than “n Dell PowerEdge 2600's” ● (^) Can put competitors on the same physical hardware ● (^) Can separate instance of VM from instance of hardware (^) Live migration of VM from machine to machine ● (^) Deal with machine failures or machine-room flooding (^) VM replication to provide fault tolerance ● (^) “Why bother doing it at the application level?” ● (^) Can overcommit hardware (^) Most VM's are not 100% busy all the time (^) If one suddenly becomes 100% busy, move it to a dedicated machine for a few hours, then move it back
Disadvantages of Virtual Machines ● (^) Attempt to solve what really is an abstraction issue somewhere else (^) Monolithic kernels (^) Not enough partitioning of global identifers ● (^) pids, uids, etc (^) Applications written without distribution and fault tolerance in mind ● (^) Provides some interesting mechanisms, but may not directly solve “the problem”
Disadvantages of Virtual Machines ● (^) Feasibility issues (^) Hardware support? OS support? (^) Admin support? (^) Popularity of virtualization platforms argues these can be handled ● (^) Performance issues (^) Is a 10-20% performance hit tolerable? ● (^) When an IPC becomes and RPC the cost goes up dramatically (^) Can your NIC or disk keep up with the load of multiple virtual machines? (^) Interdomain DoS? Thrashing? ● (^) “Nothing fails like success” (^) VMMs are getting larger, and potentially home to security bugs
Full-System Simulation (Simics 1998) ● (^) Software simulates hardware components that make up a target machine (^) Interpreter executes each instruction & updates the software representation of the hardware state ● (^) Approach is very accurate but very slow ● (^) Great for OS development & debugging (^) “Break on triple fault” is better than real hardware suddenly rebooting (^) Possible to debug a driver for a hardware device that hasn't been built yet
System Emulation (Bochs, DOSBox, QEMU) ● (^) Emulate just enough of hardware components to create an accurate “user experience” ● (^) Typically CPU & memory are emulated (^) Buses are not (^) Devices communicate with CPU & memory directly ● (^) Shortcuts are taken to achieve better performance (^) Reduces overall system accuracy (^) Code designed to run correctly on real hardware executes “pretty well” (^) Code not designed to run correctly on real hardware exhibits wildly divergent behavior
System Emulation Techniques ● (^) Dynamic translation: (^) Translate a block of guest instructions to host instructions just prior to execution of that block (^) Cache translated blocks for better performance (^) Like a Smalltalk/Java “JIT” ● (^) Dynamic recompilation & adaptive optimization: (^) Discover which algorithm the guest code implements (^) Substitute with an optimized version on the host (^) Hard
Outline ● (^) Introduction (^) What, why? ● (^) Basic techniques (^) Simulation (^) Binary translation ● (^) Kinds of instructions ● (^) Virtualization (^) x86 Virtualization (^) Paravirtualization ● (^) Summary