Virtualisation Assessment

1
Virtualisation Assessment Roadmap

• Giovanni Marchetti

2
Agenda

• Virtualisation Flavours
• Infrastructure Maturity Virtualisation
• DLPARs on AMD Intel
• Microsoft Virtualisation
• QA

3
Definition

• Virtualisation is a technique to pool computing
  resources in a way that masks their physical
  boundaries to the resource users

4
Virtualisation Flavours

• Workload Management on a single host, single o/s
• WSRM, ArmTech, Unix WLM, etc
• Multiple virtual machines on same host o/s
• Virtual Server, VMWare, Xen, Unix VM, zVM, etc
• Dynamic Logical Partitions (DLPARs)
• Windows Virtualisation (200X), several Unix/MF
• All of the above model-based management
  dynamic infrastructure
• DSI, Autonomic Computing, etc

5
Dynamic LPARs

• LPAR logical partition
• Not bound to HW structure (e.g. can use of CPU)
• O/S runs on top, may (or may not) be LPAR-aware
• DLPAR can change physical resource allocation
  dynamically
• Requires O/S support (e.g. dynamic add/remove RAM
  or CPU)
• Applications may (or may not) be able to take
  advantage
• Most efficient virtualisation technique

6
Infrastructure Maturity Model
7
Tool Map
WSRM
DSI
VS
DLPAR WSRM
8
The Road to DLPAR

• on commodity hardware

9
Virtualisation Types
Type-2 VMM
Type-1 VMM(Hypervisor)
Hybrid VMM
Guest 1
Guest 2
VMM
Guest 1
Guest 2
Guest 1
Guest 2
Host OS
VMM
Host OS
VMM
Hardware
Hardware
Hardware
Examples JVMCLR
Examples Virtual PC Virtual Server
Examples Windows Virtualisation
What we have today
What were building
10
Tasks of a Virtual Machine Monitor
OS and Apps in a VM don't know that the VMM
exists or that they share CPU resources with
other VMs
VM1
VM0
VMM isolates Guest SW stacks from one another
...
...
App
App
App
App
App
App
Guest OS0
Guest OS1
...
VMM runs protected from all Guest software
VM Monitor
VMM presents a virtual platform interface to
Guest SW
Platform Hardware
11
SW Solution Guest Ring De-privileging
Run Guest OS above Ring-0 and have privileged
instructions generate faults...
Run VMM in Ring-0 as a collection of fault
handlers

• Top IA Virtualisation Issues
• Ring Aliasing
• Non-trapping instructions
• Excessive Faulting
• Interrupt Virtualisation Issues
• CPU state context switching
• Addr Space Compression
• Complex Software Techniques
• Source guest OS Modifications
• Binary guest OS Modifications

VM1
VM0
...
...
App
App
App
App
App
App
Guest OS0
...
Guest OS1
VM Monitor
Platform Hardware
12
Intel Virtualisation Technology
VM1
VM0
...
...
App
App
App
App
App
App
Guest OS0
...
Guest OS1
VMM preempts execution of Guest SW via new
HW-based transition mechanism
VM Monitor
Platform Hardware
13
Operating Modes

• VMX root operation
• Fully privileged, intended for VM monitor
• VMX non-root operation
• Not fully privileged, intended for guest software
• Reduces Guest SW privilege w/o relying on rings

14
VM Entry and VM Exit

• VM Entry
• Transition from VMM to Guest
• Enters VMX non-root operationLoads Guest state
  and Exit criteria from VMCS
• VMLAUNCH instruction used on initial
  entryVMRESUME instruction used on subsequent
  entries
• VM Exit
• VMEXIT instruction used on transition from Guest
  to VMM
• Enters VMX root operation
• Saves Guest state in VMCS
• Loads VMM state from VMCS

VM1
VM0
...
...
App
App
App
App
App
App
...
Guest OS0
Guest OS1
VM Monitor
VM Exit
VM Entry
Physical Host Hardware
15
VT-x Operations
VMX Non-root Operation
. . .
VM Exit
IA-32 Operation
VMX Root Operation
VMRESUME
VMXON
VMLAUNCH
16
AMD Virtualisation Technology

• Hosts executes VMRUN to start guest stream
• Guest runs until it exits back to host
• Host resumes after VMRUN
• VMCB holds guest state

17
AMD Virtualisation Technology
18
Principal Causes of EXIT (applies to both)

• Paging state exits
• CPU State-based exits allow function
  virtualisation
• Selective exception and I/O exiting
• Controls provided for asynchronous events (e.g.
  interrupts)
• Guest inactivity

19
The Road to DLPAR

• on Windows

20
Windows Virtualisation

• Windows virtualisation for servers
• Hypervisor-based
• Separate, small management partition (parent)
• Targeting availability in the Longhorn wave
• Definitions
• Parent partition a partition that manages its
  children
• Child partition any number of partitions that
  are started, managed, and shut down by their
  parent
• Virtualisation Stack The collection of
  components that runs in the parent partition for
  VM management

21
Windows Virtualisation for Servers

• Some proposed features
• 32-bit and 64-bit guests, x64-only hosts
• Guest multiprocessing
• Virtualised devices
• WMI management and control API
• Save restore
• Snapshotting
• CPU and I/O resource controls
• Tuning for NUMA
• Dynamic resource addition removal
• Live migration

22
The Hypervisor

• Very thin layer of software
• Highly reliable
• Much smaller Trusted Computing Base (TCB)
• No built-in driver model
• Leverage the large base of Windows drivers
• Drivers run in a partition
• Will have a well-defined, published interface
• Allow others to create support for their OSs as
  guests
• Hardware virtualisation required

23
Monolithic vs. Microkernelised

• Monolithic hypervisor
• Simpler than a modern kernel, but still complex
• Contains its own drivers model

• Microkernelised hypervisor
• Simple partitioning
• Increase reliability and minimize TCB
• No third-party code
• Drivers run within guests

VM 1 ('Admin')
VM 2
VM 3
VM 2 ('Child')
VM 3 ('Child')
VM 1('Parent')
Virtual- ization Stack
Hypervisor
Hypervisor
Hardware
Hardware
24
The Hypervisor

• Thin layer of software running on the hardware
• Supports creation of partitions
• Each partition is a virtual machine
• Each partition has one or more virtual processors
• Partitions can own or share hardware resources
• Software running in partition is called a guest
• Enforces memory access rules
• Enforces policy for CPU usage
• Virtual processors are scheduled on real
  processors
• Enforces ownership of other devices
• Provides simple inter-partition messaging
• Messages appear as interrupts
• Exposes simple programmatic interface called
  'hypercalls'

Parent Partition (Minimum Footprint Windows)
Hypervisor
CPU
Hard Drive
Ethernet NIC
RAM
25
Virtualisation Stack

• Collection of user-mode kernel-mode components
• Runs within a partition on top of a (minimal) OS
• Contains all VM support not in the hypervisor
• Interacts with hypervisor
• Calls the hypervisor to perform certain actions
• Responds to messages from the hypervisor or from
  other partitions
• Creates and manages a group of 'child partitions'
• Manages memory for child partitions
• Virtualises devices for child partitions
• Exposes a management interface

VM Worker Process
VM Worker Process
VM Service
WMI Provider
VM Worker Process
VirtualisationInfrastructureDriver
VMBus Bus Driver
Hypervisor API Message Library
Parent Partition
Child Partition 1
Child Partition 2
Hypervisor
26
Device Virtualisation

• Provides a method for sharing hardware
  efficiently
• Physical devices are still managed by their
  device drivers
• Definitions
• Virtualisation Service Providers (VSPs) Clients
  (VSCs)
• VSP provider, VSC consumer
• VSP typically run in a partition that 'owns' a
  hardware resource
• VSP/VSC pair per device type (storage, network,
  etc.)
• May expose bandwidth resource controls
• Protocol is specific to device type, but is
  generally OS-agnostic

27
Device Virtualisation

• Physical devices
• Managed by traditional driver stacks
• Virtualisation service providers (VSPs)
• Virtualise a specific class of device (e.g.
  networking, storage, etc.)
• Expose an abstract device interface
• Run within the partition that owns the
  corresponding physical device
• Virtualisation service clients (VSCs)
• Consume virtualised hardware service
• VMBus
• Software 'bus' (enumeration, hot plug, etc.)
• Enables VSPs and VSCs to communicate efficiently
• Uses memory sharing and hypervisor IPC messages

Storage VSP
Storage Stack
Storage Stack
Storage VSC
Port Driver
Parent Partition
VMBus
VMBus
Hypervisor
Disk
28
Windows Enlightenments

• Enlightenments
• Modifications to an OS to make it aware that its
  running within a VM
• Windows codenamed 'Longhorn' enlightenments
• Optimisations in memory manager (MM)
• Win32 and kernel API Am I running on a virtual
  machine?
• Looking at additional enlightenments in the future

29
Some System Requirements

• Must support hardware virtualisation
• Intels Virtualisation Technology
• AMDs 'Pacifica'
• We are not planning on supporting any other
  implementations (e.g. VT-i)
• Must support x64 extensions

30
Community Resources

• Windows Hardware Driver Central (WHDC)
• www.microsoft.com/whdc/default.mspx
• Technical Communities
• www.microsoft.com/communities/products/default.msp
  x
• Non-Microsoft Community Sites
• www.microsoft.com/communities/related/default.mspx
  
• Microsoft Public Newsgroups
• http//www.microsoft.com/communities/newsgroups/de
  fault.mspx
• Technical Chats and Webcasts
• www.microsoft.com/communities/chats/default.mspx
• www.microsoft.com/webcasts
• Microsoft Blogs
• www.microsoft.com/communities/blogs

31
Additional Resources

• Email msvirtex _at_ microsoft.com
• Web Resources
• http//www.microsoft.com/windowsserversystem/virtu
  alserver
• http//www.microsoft.com/windowsxp/virtualpc