virtual machine monitors
play

Virtual Machine Monitors Lakshmi Ganesh What is a VMM? - PowerPoint PPT Presentation

Oct 12, 2023 •375 likes •763 views

Virtual Machine Monitors Lakshmi Ganesh What is a VMM? Virtualization: Using a layer of software to present a (possibly different) logical view of a given set of resources VMM: Simulate, on a single hardware platform, multiple hardware

  1. Virtual Machine Monitors Lakshmi Ganesh

  2. What is a VMM? Virtualization: Using a layer of software to present a (possibly different) logical view of a given set of resources VMM: Simulate, on a single hardware platform, multiple hardware platforms - virtual machines VMs are usually similar/identical to underlying machine VMs allow multiple operating systems to be run concurrently on a single machine

  3. What is it, really? Type 1 VMM: Type 2 VMM: IBM VM/370, Xen, VMware VMware Workstation ESX Server App App App App App App App App Guest OS Guest OS OS OS Virtual Machine Virtual Machine Virtual Machine Virtual Machine Virtual Machine Monitor Virtual Machine Monitor Hardware Hardware

  4. VMMs: Meet the family Cousins: Siblings: VMM subtypes Number of instructions Location of VMM: executed on hardware: On top of machine: Statistically Type 1 VMM dominant number: On top of OS (host VMM OS): Type 2 VMM All unprivileged Virtualization approach instructions: HVM Full virtualization None: CSIM Paravirtualization

  5. Why is a VMM?

  6. Why is a VMM? No more dual booting!

  7. Why is a VMM? No more Sandbox for dual booting! testing

  8. Why is a VMM? Consolidate multiple servers onto single machine No more Sandbox for dual booting! testing

  9. Why is a VMM? Consolidate multiple servers onto single machine Add lots more servers - virtual ones! No more Sandbox for dual booting! testing

  10. Why is a VMM? Consolidate multiple servers onto single machine Add lots more servers - virtual ones! Flash cloning: adapt number of No more Sandbox for servers to load dual booting! testing

  11. VMMs: Challenges and Design Decisions Several warring parameters: what is our goal? Performance: VM must be like real machine! Design Decision: Avoid simulation (Xen, VMware ESX) Design Decision: Type 1 VMM (Xen, VMware ESX) Ability to run unmodified OSes Design Decision: full virtualization (VMware) CPUs non-amenable to virtualization Design Decision: paravirtualization (Xen)

  12. Challenges and Design Decisions (contd.) Performance Isolation Design Decision: Virtualize MMU (Xen) Scalability: more VMs per machine Design Decision: Memory Reclamation, Shared Memory (Xen, VMware) Ease of Installation Design Decision: hosted VMM (VMware WS) VMM must be reliable and bug-free Design Decision: Keep it simple: hosted VMM (VMware WS)

  13. Real A Story

  14. Real A Story Each machine must host thousands of VMs

  15. Real A Story Each machine must host thousands of VMs Scalability

  16. Real A Story Each machine must host thousands of VMs Scalability VMs must run insecure software

  17. Real A Story Each machine must host thousands of VMs Scalability VMs must run insecure Fault software containment

  18. Real A Story Each machine must host thousands of VMs VMM: must send alert when breach occurs Scalability VMs must run insecure Fault software containment

  19. Real A Story Each machine must host thousands of VMs VMM: must send alert when breach occurs Scalability Copy-on-write VMs must run insecure Fault software containment

  20. Real A Story Each machine must host thousands of VMs VMM: must send alert when breach occurs VM OS must look like native OS to fool malware Scalability Copy-on-write VMs must run insecure Fault software containment

  21. Real A Story Each machine must host thousands of VMs VMM: must send alert when breach occurs VM OS must look like native OS to fool malware Scalability Copy-on-write VMs must run insecure Fault Minimal OS software containment modification

  22. Case Study: Xen Control User User User Plane Software Software Software Software GuestOS GuestOS GuestOS GuestOS (XenoLinux) (XenoLinux) (XenoBSD) (XenoXP) Xeno-Aware Xeno-Aware Xeno-Aware Xeno-Aware Device Drivers Device Drivers Device Drivers Device Drivers X Domain0 virtual virtual virtual virtual E control x86 CPU phy mem network blockdev interface N H/W (SMP x86, phy mem, enet, SCSI/IDE) Figure 1: The structure of a machine running the Xen hyper- visor, hosting a number of different guest operating systems, including Domain0 running control software in a XenoLinux environment.

  23. Xen: The case for Paravirtualization Paravirtualization: When the interface the VM exports is not quite identical to the machine interface Full virtualization is difficult non-amenable CPUs, eg. x86 Replace privileged syscalls with hypercalls: Avoids binary rewriting and fault trapping Full virtualization is undesirable denies VM OSes important information that they could use to improve performance Wall-clock/Virtual time, Resource Availability

  24. Xen: CPU Virtualization Xen runs in ring 0 (most privileged) Ring 1/2 for guest OS, 3 for user-space GPF if guest attempts to use privileged instr Xen lives in top 64MB of linear addr space Segmentation used to protect Xen as switching page tables too slow on standard x86 Hypercalls jump to Xen in ring 0 Guest OS may install ‘fast trap’ handler Direct ring user-space to guest OS system calls Slide source: Ian Pratt http:/ /www.cl.cam.ac.uk/research/srg/netos/papers/2004-xen-ols.pdf

  25. Xen: MMU Virtualization 70%&,(+%5'& 3*+,058( ! 9&%0':;<=-&*$58 70%&,(6+*,%& /0%&,(12 #$$%&&%'() "<'5,%& '*+,-(.*,& Direct-mode 3*+,058( ! !5$=*>% 3$%&'(0%/1& 3!! -40'$/5( ! !/674,% 45+'65+% 3$%&'(204'%& !!" #$%&'()* Shadow-mode +%,(-!! ./012/0% !!" Slide source: Ian Pratt http:/ /www.cl.cam.ac.uk/research/srg/netos/papers/2004-xen-ols.pdf

  26. MMU Micro Benchmarks '&' '&% %&/ %&. %&- %&, %&+ %&* %&) %&( %&' %&% ! " # $ ! " # $ Page fault (µs) Process fork (µs) lmbench results on Linux (L), Xen (X), VMWare Workstation (V), and UML (U) Slide source: Ian Pratt http:/ /www.cl.cam.ac.uk/research/srg/netos/papers/2004-xen-ols.pdf

  27. Xen: I/O Virtualization Device I/O: I/O devices are virtualized as Virtual Block Devices (VBDs) Data transferred in and out of domains using buffer descriptor rings Ring = circular queue of requests and responses. Generic mechanism allows use in various contexts Network: Virtual network Interface (VIF) Transmit and Receive buffers Avoids data copy by bartering pages for packets Slide source: Ian Pratt http:/ /www.cl.cam.ac.uk/research/srg/netos/papers/2004-xen-ols.pdf

  28. Xen: TCP Results *3* *3, ,3: ,39 ,38 ,37 ,3+ ,36 ,35 ,34 ,3* ,3, ! " # $ ! " # $ ! " # $ ! " # $ %&'()%$(*+,,(-)./01 2&'()%$(*+,,(-)./01 %&'()%$(+,,(-)./01 2&'()%$(+,,(-)./01 %;<(.=>?@A?BC(D>(!A>E&(-!1'("F>(-"1'(#)G=HF GDHI0B=BAD>(-#1'(=>?($)!(-$1 Slide source: Ian Pratt http:/ /www.cl.cam.ac.uk/research/srg/netos/papers/2004-xen-ols.pdf

  29. Xen: Odds and Ends Copy-on-write VMs share single copy of RO pages Writes attempts trigger page fault Traps to Xen, which creates unique RW copy of page Result: lightweight VMs, can scale well Live Migration Within 10’ s of milliseconds can migrate VMs from one machine to another! (though app dependent)

  30. Xen: Odds and Ends (contd.) Live Migration mechanism VM continues to run Pre-copy approach: VM continues to run ‘lift’ domain on to shadow page tables Bitmap of dirtied pages; scan; transmit dirtied Atomic ‘zero bitmap & make PTEs read- only’ Iterate until no forward progress, then stop VM and transfer remainder

  31. Xen: Odds and Ends (contd.) Memory Reclamation Over-booked resources How to reclaim memory from a VMOS? VMware ESX Server: balloon process Xen: balloon driver

  32. Xen: Scalability 1001 3289 318 Aggregate score relative to single instance 1000 2.0 924 Aggregate number of conforming clients 906 896 290 289 887 880 874 282 -16.3% (non-SMP guest) 2833 842 2685 800 1.5 662 2104 600 1661 158 1.0 400 0.5 200 0.0 0 1 2 4 8 8(diff) 1 2 4 8 8(diff) L X L X L X L X L X OSDB-IR OSDB-OLTP 1 2 4 8 16 Simultaneous OSDB-IR and OSDB-OLTP Instances on Xen Simultaneous SPEC WEB99 Instances on Linux (L) and Xen(X) Figure 5: Performance of multiple instances of PostgreSQL Figure 4: SPEC WEB99 for 1, 2, 4, 8 and 16 concurrent Apache running OSDB in separate Xen domains. 8(diff) bars show per- servers: higher values are better. formance variation with different scheduler weights.

  33. VM vs. Real Machine 1.1 1714 567 567 263 172 418 518 514 554 550 271 1633 400 1.0 158 0.9 334 310 0.8 Relative score to Linux 0.7 0.6 535 80 0.5 65 0.4 172 150 111 0.3 306 0.2 199 0.1 0.0 L X V U L X V U L X V U L X V U L X V U L X V U SPEC INT2000 (score) Linux build time (s) OSDB-IR (tup/s) OSDB-OLTP (tup/s) dbench (score) SPEC WEB99 (score) Figure 3: Relative performance of native Linux (L), XenoLinux (X), VMware workstation 3.2 (V) and User-Mode Linux (U).

  34. Things to think about Xen only useful for research settings? OS modification is a BIG thing Xen v2.0 requires no modification of Linux 2.6 core code Why Xen rather than VMware for honeyfarms? Is performance key for a honeypot? It’ s free :-) Great expectations for VMMs: but how realistic/useful are they? Mobile applications, VMMs are not new... they have been resurrected what further directions for research?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Virtual Machine Monitors IBM VM/370 - Mainframe time-sharing 1990s VMware - MPP

Virtual Machine Monitors IBM VM/370 - Mainframe time-sharing 1990s VMware - MPP

Virtual Machine History 1960s Virtual Machine Monitors IBM VM/370 - Mainframe time-sharing 1990s VMware - MPP abstraction / x86 virtualization Sun JVM Application level virtualization Lincoln Uyeda CS 614 -

99 views • 6 slides
Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization)

Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization)

Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization) Software to simulate hardware Independent Separate Use one piece of hardware to simulate many computers Topics What are

519 views • 22 slides
An Online Virtual Machine Placement Algorithm in an Over-Committed Cloud Siqi Ji*, Ming Da Li,

An Online Virtual Machine Placement Algorithm in an Over-Committed Cloud Siqi Ji*, Ming Da Li,

IC2E18 An Online Virtual Machine Placement Algorithm in an Over-Committed Cloud Siqi Ji*, Ming Da Li, Niannian Ji, Baochun Li Virtual Machine Placement Select the most suitable physical machine (PM) to host each virtual machine (VM).

417 views • 13 slides
Virtual Machines Uses for Virtual Machines There are several uses for virtual machines:

Virtual Machines Uses for Virtual Machines There are several uses for virtual machines:

Virtual Machines Uses for Virtual Machines There are several uses for virtual machines: Virtual machine technology, often just called virtualization , makes one computer behave as several Running several operating systems simultaneously on

254 views • 10 slides
Detection of faulty Beam Position Monitors E. Fol, R. Tomas Garcia Machine Learning Applications

Detection of faulty Beam Position Monitors E. Fol, R. Tomas Garcia Machine Learning Applications

Detection of faulty Beam Position Monitors E. Fol, R. Tomas Garcia Machine Learning Applications for Particle Accelerators, Feb. 28 March 2, 2018, SLAC National Accelerator Laboratory Content Introduction to optics measurements at LHC 1.

445 views • 21 slides
The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

Virtual Machines in Compilation Virtual Machines in Compilation Abstract Syntax Tree compile Compilation 2007 Compilation 2007 Virtual Machine Code The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code

541 views • 11 slides
A Tor gatewayed platform for everyday use Using a virtual machine stack with its own virtual

A Tor gatewayed platform for everyday use Using a virtual machine stack with its own virtual

http://infinite.barrel-of-knowledge.info/cryptoparty/ (Surface web) https://yhfitd2wvrz3aybh.onion/cryptoparty/ (Deep web) A Tor gatewayed platform for everyday use Using a virtual machine stack with its own virtual LAN with all traffic

629 views • 9 slides
Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits?

Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits?

Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits? Virtualization Creation of an isomorphism that maps a virtual guest system to a real host: Maps guest state S to host state V(S) For any

271 views • 26 slides
MIPS Virtual what is the Java - what is the JVM ? lecture 25 Machine analogy ? - what is

MIPS Virtual what is the Java - what is the JVM ? lecture 25 Machine analogy ? - what is

MIPS Virtual what is the Java - what is the JVM ? lecture 25 Machine analogy ? - what is Java &quot;byte code&quot; Java Virtual Machine invoked methods and local stack (is it related to MIPS assembly/machine code ?) variables ?

487 views • 4 slides
Monitors &amp; Condition Synchronisation controller DM519 Concurrent Programming 1 Monitors

Monitors &amp; Condition Synchronisation controller DM519 Concurrent Programming 1 Monitors

Chapter 5 Monitors &amp; Condition Synchronisation controller DM519 Concurrent Programming 1 Monitors &amp; Condition Synchronisation Concepts : monitors (and controllers): encapsulated data + access procedures + mutual exclusion + condition

1.02k views • 45 slides
Modern Virtual Machine Performance murphee (Werner Schuster)

Modern Virtual Machine Performance murphee (Werner Schuster)

Modern Virtual Machine Performance murphee (Werner Schuster) http://jroller.com/page/murphee Overview Virtual Machine Myths Myth: Java is interpreted Myth: Native code is always faster than... Myth: Garbage Collection is

265 views • 24 slides
Virtual Machines 1 questions/logistics office hours posted on website VM setup due Friday 2

Virtual Machines 1 questions/logistics office hours posted on website VM setup due Friday 2

Virtual Machines 1 questions/logistics office hours posted on website VM setup due Friday 2 virtual machines illusion of a dedicated machine could or could not behave like real machine 3 virtual machine types language designed for

1.28k views • 91 slides
Outline Introduction (VM) Virtual Machine Research goals (PM) Physical Machine

Outline Introduction (VM) Virtual Machine Research goals (PM) Physical Machine

10/26/2014 Outline Introduction (VM) Virtual Machine Research goals (PM) Physical Machine Challenges Research questions Background Research contributions Ph.D. Dissertation Defense Supporting Infrastructure

618 views • 19 slides
PageRankVM A PageRank Based Algorithm with Anti-Collocation Constraints for Virtual Machine

PageRankVM A PageRank Based Algorithm with Anti-Collocation Constraints for Virtual Machine

PageRankVM A PageRank Based Algorithm with Anti-Collocation Constraints for Virtual Machine Placement in Cloud Datacenters Zhuozhao Li Haiying Shen Cole Miles University of Virginia July 3, 2018 1 / 19 Virtual Machine Placement In a cloud

772 views • 38 slides
CLR CLR What What is is a a virtual virtual machine machine? ? A new new virtual

CLR CLR What What is is a a virtual virtual machine machine? ? A new new virtual

Introduction: : Introduction CLR CLR What What is is a a virtual virtual machine machine? ? A new new virtual virtual machine machine A CLI CLI and and CLR CLR JIT JIT execution execution and and

117 views • 9 slides
Real Real- -Time Systems Time Systems Monitors Monitors Monitors: (Burns &amp; Wellings,

Real Real- -Time Systems Time Systems Monitors Monitors Monitors: (Burns &amp; Wellings,

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #7 Updated 2009-02-03 Real Real- -Time Systems Time Systems Monitors Monitors Monitors: (Burns &amp; Wellings, Chapter 8.6) Monitors: (Burns &amp; Wellings, Chapter 8.6)

290 views • 6 slides
Socket Programming Socket Programming Srinidhi Varadarajan Client- -server paradigm server

Socket Programming Socket Programming Srinidhi Varadarajan Client- -server paradigm server

Socket Programming Socket Programming Srinidhi Varadarajan Client- -server paradigm server paradigm Client Client: applicat ion initiates contact with server t r anspor t net wor k (speaks first) dat a link physical

395 views • 20 slides
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 8: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 8: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 8: 1 Chapter 8: Windows Security Chapter 8: 2 Objectives This is not a Windows security crash course. Windows security discussed to show how general

928 views • 56 slides
Performant Multiplatform Kotlin Serialization Eric Cochran KotlinConf October 5, 2018 Performant

Performant Multiplatform Kotlin Serialization Eric Cochran KotlinConf October 5, 2018 Performant

Performant Multiplatform Kotlin Serialization Eric Cochran KotlinConf October 5, 2018 Performant Multiplatform Kotlin Serialization 0.8 Why? Get Started buildscript { repositories { maven { url 'https://kotlin.bintray.com/kotlinx' } }

758 views • 38 slides
Page Cache Nima Honarmand (Based on slides by Don Porter and Mike Ferdman) Fall 2014:: CSE 506::

Page Cache Nima Honarmand (Based on slides by Don Porter and Mike Ferdman) Fall 2014:: CSE 506::

Fall 2014:: CSE 506:: Section 2 (PhD) Page Cache Nima Honarmand (Based on slides by Don Porter and Mike Ferdman) Fall 2014:: CSE 506:: Section 2 (PhD) The address space abstraction Unifying abstraction: Each file inode has an address

314 views • 29 slides
Electric solar wind sail - propelling the future Finnish Cospar 50 years anniversary seminar FMI

Electric solar wind sail - propelling the future Finnish Cospar 50 years anniversary seminar FMI

Electric solar wind sail - propelling the future Finnish Cospar 50 years anniversary seminar FMI auditorium, June 2, 2014 Pekka Janhunen Finnish Meteorological Institute, Helsinki 1 Contributors Petri Toivanen, Jouni Envall, Jouni Polkko,

764 views • 24 slides
Exploiting the hierarchical structure of rule-based specifications for decision planning Alberto

Exploiting the hierarchical structure of rule-based specifications for decision planning Alberto

Exploiting the hierarchical structure of rule-based specifications for decision planning Alberto Lluch Artur Boronat Roberto Bruni Ugo Montanari Generoso Paolillo IFIP International Conference on Formal T echniques for Distributed Systems

1.29k views • 94 slides
OCELOTL: CLOSE ENCOUNTERS OF THE THIRD KIND 8th International Parallel Tools Workshop 1st

OCELOTL: CLOSE ENCOUNTERS OF THE THIRD KIND 8th International Parallel Tools Workshop 1st

OCELOTL: LARGE TRACE OVERVIEWS BASED ON MULTIDIMENSIONAL DATA AGGREGATION OCELOTL: CLOSE ENCOUNTERS OF THE THIRD KIND 8th International Parallel Tools Workshop 1st October 2014 Damien Dosimont 1 2 , Youenn Corre 1 2 , Lucas M. Schnorr 3 ,

611 views • 46 slides
Chemical properties of Blue Compact Dwarf galaxies: Local Analogues of High Redshift Galaxies

Chemical properties of Blue Compact Dwarf galaxies: Local Analogues of High Redshift Galaxies

Chemical properties of Blue Compact Dwarf galaxies: Local Analogues of High Redshift Galaxies Nimisha Kumari Schlumberger Fellow University of Cambridge, UK Kumari+2017, 2018, 2019a Bethan James, Mike Irwin, Alessandra Aloisi, Ricardo

619 views • 19 slides

More recommend