CCIS - Chapter # 4 - Virtualization.pptx

SanaLatif13, 52 slides, Sep 25, 2024

About This Presentation

virtualization in cloud computing


Slide Content

Virtualization Chapter 4 Cloud Computing: Infrastructure & Services Sheheryar Malik, Ph.D.

Virtualization
  In computing, virtualization is the simulation of a hardware platform, operating system (OS), storage device, or network resource.
  The term traces its roots to 1960s mainframes, where it was a method of logically dividing a mainframe's resources among different applications.
  Virtualization allows one computer to do the job of multiple computers.
  Virtual environments let one computer host multiple operating systems at the same time.

Virtualization
  Virtualization is a way to run multiple operating systems and user applications on the same hardware, e.g., run both Windows and Linux on the same laptop.
  How is it different from dual-boot?
    Both operating systems run simultaneously.
    The operating systems are completely isolated from each other.

Virtualization
  Figure: a 'nonvirtualized' system (Hardware, one Operating System, App. A to App. D) next to a virtualized system (Hardware, Virtualization Layer, Virtual Container 1 with App. A and App. B, Virtual Container 2 with App. C and App. D).
  'Nonvirtualized' system: a single OS controls all hardware platform resources.
  Virtualized system: a virtualization layer makes it possible to run multiple virtual containers on a single physical platform.

Virtualization
  Figure: one multi-core, multi-processor x86 host at 70% hardware utilization running four virtual x86 machines: Windows 10 (App. A), Windows 2003 (App. B), SUSE Linux (App. C), and Red Hat Linux (App. D).

Uses of Virtualization
  Server consolidation: run a web server and a mail server on the same physical server.
  Easier development: develop critical operating system components (file system, disk driver) without affecting the stability of the development machine.
  Quality assurance: testing a network product (e.g., a firewall) may require tens of computers. Try testing a product thoroughly at each pre-release milestone and keep a straight face when your boss shows you the electricity bill.
  Cloud computing: virtualization is the basic building block for sharing one physical host among many tenants.

Why Virtualize
  x86 server deployments introduced new IT challenges:
    Low server infrastructure utilization (10-18%)
    Increasing physical infrastructure costs (facilities, power, cooling, etc.)
    Increasing IT management costs (configuration, deployment, updates, etc.)
    Insufficient failover and disaster protection
  The solution to all these problems was to virtualize the x86 platform.
  It combines the benefit of high hardware utilization with running several operating systems (and their applications) in separate virtualized environments.
  Each application runs in its own operating system, and each operating system does not know it is sharing the underlying hardware with others.

Why Virtualize Cloud Infrastructure
  Virtualization has three characteristics that make it ideal for cloud computing:
  Partitioning: many applications and operating systems (OSes) are supported on a single physical system by partitioning (separating) the available resources.
  Isolation: each virtual machine is isolated from its host physical system and from other virtual machines. Because of this isolation, if one virtual instance crashes, it does not affect the other virtual machines. Note that isolation is only as strong as the hypervisor that enforces it: the hypervisor is a shared trusted computing base for every guest on the host.
  Encapsulation: a virtual machine can be represented (and even stored) as a single file, so it can be identified easily by the service it provides. The encapsulated process could be a business service, and the encapsulated virtual machine can be presented to an application as a complete entity.

Hypervisor

Hypervisor In computing, a hypervisor is a virtualization platform that allows multiple operating systems to run on a host computer at the same time Also called Virtual Machine Monitor

Types of Hypervisor
  Native (bare-metal) hypervisor
    Runs directly on the hardware; a "guest" operating system runs at the second level above the hardware.
    Has complete control over the hardware and does not have to "fight" a host OS for it.
    Typically chosen for servers and for private and public clouds, where performance and isolation matter most.
  Hosted hypervisor
    Runs as a distinct software layer above both the hardware and a host OS.
    Typically used on individual users' machines (developer workstations, testing).
    Avoids code duplication: it need not implement a process scheduler or a memory management system, because the host OS already does that.
    Can run native processes alongside VMs.
    Familiar environment: each VM is a host process, so you can see how much CPU and memory it takes.
    Easy management: stop a VM? Sure, just kill the process.
    The price is that the host OS is part of the trusted base of every VM, and every host-OS layer a VM's I/O traverses adds overhead.

Bare-metal Hypervisor (Type 1)
  Examples: VMware ESX, Microsoft Hyper-V, Xen
  Figure: Hardware, then the Virtualization Platform (host), then guests OS 1 to OS 4, each running its own Applications.

Hosted Hypervisor (Type 2)
  Figure: Hardware, then the Base Operating System, then the Virtualization Platform (host), then guests OS 1 to OS 3, each running its own Applications.
  Examples: VMware Workstation, Microsoft Virtual PC, VirtualBox (originally from Sun, now Oracle), QEMU, KVM
  Note: KVM is a borderline case. It is a loadable kernel module, so it looks hosted, but once loaded the Linux kernel itself becomes the hypervisor, which is why it is often classed as Type 1.

VMware Products
  VMware Workstation Pro: the first product launched by VMware, in 1999. It allows users to run multiple instances of x86- or x86-64-compatible operating systems on a single physical PC.
  VMware Workstation Player: a free edition for non-commercial use, for users without a Workstation or Fusion license.
  VMware Fusion: provides similar functionality for users of the Mac platform (originally Intel Macs), along with full compatibility with virtual machines created by other VMware products.
  VMware vSphere: the enterprise product suite. Its hypervisor, ESXi, is a "bare-metal" product that runs directly on the server hardware, so virtual servers use the hardware more or less directly, with lower overhead and greater performance than the older, hosted freeware VMware Server. ESXi integrates with VMware vCenter, which offers extra services to enhance the reliability and manageability of a server deployment.

Types of Virtualization

Hardware Virtualization
  Full virtualization: almost complete simulation of the actual hardware, which allows software (typically a guest operating system) to run unmodified.
  Partial virtualization: some but not all of the target environment is simulated. Some guest programs, therefore, may need modifications to run in this virtual environment.
  Paravirtualization: the hardware environment is not fully simulated. It involves modifying the OS kernel to replace non-virtualizable instructions with hypercalls that communicate directly with the virtualization layer (the hypervisor). Guest programs execute in their own isolated domains, as if they were running on a separate system. The hypervisor and the operating system collaborate on the virtualization, requiring operating system changes but resulting in near-native performance.

Desktop Virtualization
  A software technology that separates the desktop environment and its associated application software from the physical client device used to access it.
  It may allow all the components of the desktop to be virtualized, which allows for a highly flexible and much more secure desktop delivery model.
  It supports a more complete desktop disaster recovery strategy, since all components are essentially saved in the data center and backed up through traditional redundant maintenance systems.
  If a user's device or hardware is lost, the restore is much more straightforward: all components are present at login from another device, and because no data is saved on the user's device there is much less chance that critical data is lost or compromised.

Remote Desktop Virtualization
  Remote desktop virtualization implementations operate as client/server computing environments.
  Application execution takes place on a remote operating system that is linked to the local client device over a network using a remote display protocol, through which the user interacts with the applications.
  All applications and data remain on the remote system; only display, keyboard, and mouse information is communicated to the local client device.
  Devices can be a conventional PC/laptop, a thin client, a tablet, or even a smartphone.
  A common implementation of this approach is to host multiple desktop operating system instances on a server hardware platform running a hypervisor. It is generally referred to as "Virtual Desktop Infrastructure" (VDI).
  Remote desktop virtualization is frequently used in the following scenarios:
    Distributed environments with high availability requirements where desk-side technical support is not readily available, such as branch office and retail environments.
    Environments where high network latency degrades the performance of conventional client/server applications.
    Environments where remote access and data security requirements conflict, which can be addressed by retaining all (application) data within the data center.

Other Application of Virtualization Virtualization can be applied very broadly to just about everything that you could imagine

Software Virtualization
  Operating system-level virtualization: hosting multiple virtualized environments within a single OS instance.
  Application virtualization: a software technology that encapsulates application software from the underlying operating system on which it is executed. It is the hosting of individual applications in an environment separated from the underlying OS. Application virtualization is closely associated with the concept of portable applications.

Software Virtualization
  Workspace virtualization: a way of distributing applications to client computers using application virtualization. It also bundles several applications together into one complete workspace, encapsulating and isolating an entire computing workspace.
  Service virtualization: emulating the behavior of dependent system components (e.g., third-party, evolving, or not yet implemented) that are needed to exercise an application under test (AUT) for development or testing purposes. Rather than virtualizing entire components, it virtualizes only the specific slices of dependent behavior critical to the development and testing tasks.

Memory Virtualization
  Memory virtualization: aggregating random-access memory (RAM) resources from networked systems into a single memory pool.
  Virtual memory: giving an application program the impression that it has contiguous working memory, isolating it from the underlying physical memory implementation. Each application sees its own logical memory, independent of physical memory.
  Figure: several applications, each with its own virtual address space, mapped onto physical memory and swap space.
  Benefits of virtual memory: removes physical-memory limits; runs multiple applications at once.

Storage Virtualization
  Storage virtualization: the process of completely abstracting logical storage from physical storage.
  Distributed file system: any file system that allows access to files from multiple hosts sharing them via a computer network.
  Virtual file system: an abstraction layer on top of a more concrete file system, allowing client applications to access different types of concrete file systems in a uniform way.
  Storage hypervisor: the software that manages storage virtualization and combines physical storage resources into one or more flexible pools of logical storage.
  Virtual disk drive: a computer program that emulates a disk drive such as a hard disk drive or optical disk drive.

Storage Virtualization
  Figure: servers above a virtualization layer, which sits on top of heterogeneous physical storage.
  Benefits of storage virtualization: increased storage utilization; adding or deleting storage without affecting application availability; non-disruptive data migration.

Data Virtualization
  Data virtualization: the presentation of data as an abstract layer, independent of the underlying database systems, structures and storage.
  Database virtualization: the decoupling of the database layer, which lies between the storage and application layers within the overall application stack.

Network Virtualization
  Network virtualization: creation of a virtualized network address space within or across network subnets.
  Virtual private network (VPN): a tunnel that replaces the actual wire or other physical medium with an abstract (normally encrypted and authenticated) link, allowing a private network to be created over the Internet.
  Figure: VLAN A, VLAN B and VLAN C carried between two switches over a single VLAN trunk.
  Benefits of virtual networks:
    Common network links with the access-control properties of separate links
    Manage logical networks instead of physical networks
    Virtual SANs provide similar benefits for storage-area networks
  Caveat: a VLAN tag separates traffic only as well as the switch configuration that enforces it; it is not an encryption or authentication boundary, which is what a VPN adds.

x86 Virtualization

x86 modes: Privilege Levels
  The x86 segment-protection mechanism recognizes four privilege levels, rings 0 (most privileged) to 3 (least privileged).
  Conventional operating systems use only ring 0 for the kernel and ring 3 for user programs; rings 1 and 2 are unused. Classic x86 virtualization exploited exactly this gap by pushing the guest kernel down into ring 1.

Extending the Concept of Virtualization

Evolution of Virtualization Solutions
  Figure (left to right, over time): (1) dynamic translation, with a virtual machine running on an operating system on the hardware; (2) virtualization logic inside the OS hosting several virtual machines; (3) a hypervisor on the bare hardware hosting several VMs directly.

Full Virtualization
  1st generation offering of x86/x64 server virtualization.
  Dynamic binary translation: the emulation layer rewrites the guest kernel's sensitive instructions on the fly while the rest of the guest code runs on the real CPU. The emulation layer talks to a host operating system, which talks to the computer hardware. The guest OS does not see that it is running in an emulated environment.
  At the far end of this approach is full emulation, where all of the hardware is emulated, including the CPU, so the guest may even be built for a different architecture. Two popular open-source emulators are QEMU and Bochs.
  Figure: Hardware, Host OS with Device Drivers, then Emulated Hardware, then a Virtual Machine running a Guest OS with its Device Drivers and App. A, App. B, App. C.

Full Virtualization
  Advantages
    The emulation layer isolates VMs from the host OS and from each other.
    It controls each VM's access to system resources, preventing an unstable VM from impacting system performance.
    Total VM portability: by emulating a consistent set of system hardware, VMs can transparently move between hosts with dissimilar hardware. A VM running on a Dell server can be relocated to a Hewlett-Packard server.
    With a full CPU emulator it is even possible to run an operating system developed for another architecture on your own architecture (a binary-translating VMM only moves VMs between hosts of the same architecture).
  Disadvantages
    Hardware emulation comes with a performance price.
    In traditional x86 architectures, OS kernels expect to run privileged code in Ring 0. Because Ring 0 is taken by the host OS (or VMM), the guest kernel is forced down to Ring 1 (with its applications in Ring 3), so privileged instructions trap to the VMM, which must emulate them.
    Worse, x86 has sensitive instructions (SGDT, SIDT, SMSW and POPF among them) that silently behave differently outside Ring 0 instead of trapping, so trap-and-emulate alone cannot work: the VMM has to scan and translate the guest kernel's code before it runs.
    Because of these performance limitations, paravirtualization and hardware-assisted virtualization were developed.

Para-Virtualization
  The hardware environment is not fully simulated.
  It involves modifying the OS kernel to replace non-virtualizable instructions with hypercalls that communicate directly with the virtualization layer (the hypervisor).
  The hypervisor is responsible for handling the virtualization requests and applying them to the hardware.
  The guest OS is modified and thus runs its kernel-level operations at Ring 1 (or 3). Because the guest knows how to handle privileged operations itself, privileged-instruction translation by the VMM is no longer necessary.
  The guest operating system uses a specialized API to talk to the VMM and, in this way, executes the privileged operations.
  Figure: Hardware, Hypervisor with Device Drivers, then a Virtual Machine running a Guest OS with its Device Drivers and App. A, App. B, App. C, talking to the Virtual Machine Monitor through the specialized API.

Para-Virtualization Approaches
  Recompiling the OS kernel
    Paravirtualization drivers and APIs must reside in the guest operating system kernel.
    You need a modified operating system that includes this specific API, i.e., the operating system must be compiled to be virtualization aware.
    Some vendors (such as Novell) embraced paravirtualization and provided paravirtualized OS builds, while other vendors (such as Microsoft) did not.
  Installing paravirtualized drivers
    In some operating systems it is not possible to use complete paravirtualization, as it requires a specialized version of the operating system.
    To ensure good performance in such environments, paravirtualization can be applied to individual devices.
    For example, the I/O generated for network boards or graphics cards can be handled by paravirtualized drivers that talk to the hypervisor directly instead of going through an emulated device.

Hardware-assisted Virtualization
  The guest OS runs at Ring 0.
  The VMM uses processor extensions (Intel VT-x or AMD-V) to intercept and emulate privileged operations in the guest.
  The processor gains a new operating mode for the VMM (VMX root mode on Intel, host mode on AMD) that is more privileged than the guest's Ring 0; informally this is called "Ring -1" or super-privileged mode. Sensitive operations in the guest cause a VM exit into the VMM, which handles them and resumes the guest.
  Hardware-assisted virtualization removes many of the problems that make writing a VMM a challenge.
  Figure: Hardware, Hypervisor with Device Drivers, then a Virtual Machine running a Guest OS with its Device Drivers and App. A, App. B, App. C under the Virtual Machine Monitor.

Hardware-assisted Virtualization
  Pros: it allows running unmodified operating systems, so legacy OSes run without problems.
  Cons: speed and flexibility. An unmodified OS does not know it is running in a virtualized environment and so cannot take advantage of any of the virtualization features (every emulated device access is a VM exit).
  This can be partially resolved with paravirtualization, typically by installing paravirtualized device drivers in the otherwise unmodified guest.
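The slide says an unmodified guest "does not know it is running in a virtualized environment". In practice a guest can usually find out, and malware does: VT-x/AMD-V hypervisors set the hypervisor-present bit in CPUID leaf 1 (ECX bit 31) and publish a 12-byte vendor signature in CPUID leaf 0x40000000, and user code can read which ring it is in from the CS selector. The following program is an added example, not code from the slides or from any vendor; it assumes an x86/x86-64 build with GCC or Clang and returns -1 on other architectures. The signatures in the table are the ones KVM, VMware, Hyper-V, Xen and QEMU's TCG advertise; the function names are this example's own.

```c
/* Added example: detect a hypervisor via CPUID and read the current ring. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Current privilege level: the low two bits of the CS selector.
 * User code always sees 3; only a kernel (or a PV guest kernel) sees lower rings.
 * Returns -1 when built for a non-x86 target. */
int current_cpl(void)
{
#if defined(__x86_64__) || defined(__i386__)
    uint16_t cs;
    __asm__ volatile("mov %%cs, %0" : "=r"(cs));
    return cs & 3;
#else
    return -1;
#endif
}

/* Fills sig (13 bytes, NUL-terminated) with the vendor signature a hypervisor
 * publishes in CPUID leaf 0x40000000 as EBX:ECX:EDX.
 * Returns 1 if CPUID.1:ECX bit 31 ("hypervisor present") is set, 0 if it is
 * clear, and -1 when CPUID is unavailable on this architecture. */
int hypervisor_present(char sig[13])
{
    memset(sig, 0, 13);
#if defined(__x86_64__) || defined(__i386__)
    unsigned eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    if (!(ecx & (1u << 31)))
        return 0;
    /* Leaf 0x40000000 lies above the basic range, so query it directly. */
    __cpuid(0x40000000, eax, ebx, ecx, edx);
    memcpy(sig, &ebx, 4);
    memcpy(sig + 4, &ecx, 4);
    memcpy(sig + 8, &edx, 4);
    return 1;
#else
    return -1;
#endif
}

/* Maps a 12-byte signature to a vendor name; "unknown" if not recognised. */
const char *hypervisor_name(const char *sig)
{
    static const struct { const char *sig; const char *name; } known[] = {
        { "KVMKVMKVM\0\0\0", "KVM" },
        { "VMwareVMware",    "VMware" },
        { "Microsoft Hv",    "Hyper-V" },
        { "XenVMMXenVMM",    "Xen" },
        { "TCGTCGTCGTCG",    "QEMU (TCG emulation)" },
    };
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (memcmp(sig, known[i].sig, 12) == 0)
            return known[i].name;
    return "unknown";
}

int main(void)
{
    char sig[13];
    int present = hypervisor_present(sig);
    printf("CPL: %d\n", current_cpl());
    if (present == 1)
        printf("hypervisor present: %s (\"%s\")\n", hypervisor_name(sig), sig);
    else
        printf("hypervisor bit clear: bare metal, or a hypervisor hiding itself\n");
    return 0;
}
```

Sandbox-evading malware runs exactly this check. Hypervisors can in turn hide the bit (QEMU accepts a `-hypervisor` CPU flag), so a clear bit proves nothing; only a set bit is conclusive.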

Desktop Virtualization
  A VMM or hypervisor running on a physical desktop.
  Examples include Microsoft Virtual PC, Parallels Desktop for Mac, VMware Fusion, and (listed in this family, though it is a Windows API compatibility layer rather than a hypervisor, running Windows binaries on Unix without any VM) WINE.
  Use cases include running Windows games on the Macintosh, testing code inside VMs, and underpinning client-side workspace virtualization.
  Desktop hypervisors and VMMs do not necessarily scale to meet enterprise needs; that is why most providers have server products as well.

Server-side Workspace Virtualization
  A workspace (desktop operating system with custom configuration) running inside a virtual machine hosted on a server.
  Examples include VMware VDI.
  Use cases include centrally managed desktop infrastructure and security enforcement and lockdown.
  A pool of virtual workspaces resides on the server; remote users log into them from any networked device via a remote display protocol such as Microsoft's Remote Desktop Protocol (RDP).
  Users can customize their virtual workspace to their heart's content, while operators enjoy the relatively straightforward task of managing desktop configuration on one central server.
  Connection brokers arbitrate between the user and the pool of virtual workspaces residing on the central server.
  The biggest problem with server-hosted workspace virtualization is that it is a bandwidth hog: performance is constrained by the performance of your network.

Client-side Workspace Virtualization
  A workspace (desktop operating system with custom configuration) running inside a virtual machine hosted on a desktop.
  Examples include Kidaro Managed Workspace and Sentillion vThere.
  Use cases include secure remote access, protection of sensitive data in the defense and healthcare industries, and a personal computer running a corporate desktop remotely.
  A virtual workspace is served out to execute on the client device, which centralizes management.
  Its big advantage over other models is the security and isolation of data and logic on the client.
  It is the right model for organizations that need to ensure the security of environments served to remote users, such as defense contractors and healthcare providers.

Application Isolation
  An application packaged with its own virtual copies of the operating system resources it might otherwise need to change (registries, file systems, libraries).
  Examples include Thinstall and Trigence.
  Use cases include preventing DLL hell and sandboxing desktop applications for secure execution.
  Applications use a virtual registry (Thinstall) and a virtual file system embedded in the package with the application. These insulate applications from changes to, and incompatibilities with, the underlying desktop operating system.
  Mostly on Windows, although Linux and Solaris as well.
  Drawback: increased footprint of the application package and correspondingly greater memory requirements.

Application Streaming
  Just-in-time delivery of a server-hosted application to the desktop, such that the desktop application can execute before the entire file has been downloaded from the server.
  Examples include AppStream, Microsoft App-V, and Citrix XenApp.
  Use cases include managing the number of running instances of an application where licenses are constrained.
  A superset of application isolation, adding a delivery method and an execution mode: you stream the application code to the desktop, where it runs in isolation.
  There is no full PC environment, just the application, so you still have to provide a workspace.
  It requires maintaining the client-side operating system and ensuring compatibility with it.

Periodic Table of Virtualization

Linux-related virtualization projects

  Project          Type                                   License
  Bochs            Emulation                              LGPL
  QEMU             Emulation                              LGPL/GPL
  z/VM             Full virtualization                    Proprietary
  VMware           Full virtualization                    Proprietary
  Xen              Paravirtualization                     GPL
  UML              Paravirtualization                     GPL
  Linux-VServer    Operating system-level virtualization  GPL
  OpenVZ           Operating system-level virtualization  GPL

Bochs (emulation)
  Bochs is an x86 computer simulator that is portable and runs on a variety of platforms, including x86, PowerPC, Alpha, SPARC, and MIPS.
  It simulates the entire computer, including the peripherals such as the keyboard, mouse, video graphics hardware, network interface card (NIC), and so on.
  Bochs can be configured as an older Intel 386, or as a successor processor such as the 486, Pentium, Pentium Pro, or a 64-bit variant.
  Using the Bochs emulator, you can run any Linux distribution on Linux.

QEMU (emulation)
  QEMU is another emulator, like Bochs, but it has some differences that are worth noting. QEMU supports two modes of operation.
  Full system emulation: similar to Bochs in that it emulates a full personal computer (PC) system with processor and peripherals. This mode emulates a number of processor architectures, such as x86, x86_64, ARM, SPARC, PowerPC, and MIPS, with reasonable speed using dynamic translation. Using this mode, you can run Windows or Linux guests on Linux, Solaris, and FreeBSD hosts.
  User mode emulation: in this mode, historically hosted only on Linux, a binary for a different architecture can be launched directly; the CPU is emulated while system calls are passed through to the host kernel. This allows, for example, a binary compiled for the MIPS architecture to be executed on Linux running on x86. Other architectures supported in this mode include ARM, SPARC, and PowerPC, with more under development.

z/VM (full virtualization)
  z/VM is IBM's hypervisor operating system for System z.
  It provides virtualization of physical resources to the guest operating systems, including Linux, and permits multiple processors and other resources to be virtualized for a number of guest operating systems.
  z/VM can also provide a virtual guest local area network (LAN) for guest operating systems that want to communicate with each other.

VMware
  VMware is a commercial solution for full virtualization.
  Typically a hypervisor sits between the guest operating systems and the bare hardware as an abstraction layer. This abstraction layer allows any operating system to run on the hardware without knowledge of any other guest operating system.
  VMware also virtualizes the available I/O hardware and places drivers for high-performance devices in the hypervisor.
  The entire virtualized environment is kept as a file, meaning that a full system (including guest operating system, VM, and virtual hardware) can be easily and quickly migrated to a new host for load balancing.

Xen
  Xen is a native (bare-metal) hypervisor providing services that allow multiple computer operating systems to execute on the same computer hardware concurrently.
  It is a free, open-source hypervisor originally from XenSource (now the Xen Project), built first around paravirtualization.
  It is available for the IA-32, x86-64 and ARM instruction sets.
  Operating systems that run as Xen guests include Linux, Windows (as an HVM guest), Minix, Plan 9, NetBSD, FreeBSD, and OpenSolaris.
  Xen offers five approaches to running the guest operating system:
    HVM (hardware virtual machine)
    HVM with PV drivers
    PVHVM (paravirtualization within full hardware virtualization, i.e. HVM with PVHVM drivers)
    PVH (PV in an HVM container)
    PV (paravirtualization)

Linux-VServer
  Linux-VServer is a solution for operating system-level virtualization.
  It virtualizes the Linux kernel so that multiple user-space environments, otherwise known as Virtual Private Servers (VPS), run independently with no knowledge of one another.
  Linux-VServer achieves user-space isolation through a set of modifications to the Linux kernel.
  It operates on a number of platforms, including x86, x86-64, SPARC, MIPS, ARM and PowerPC.

OpenVZ
  OpenVZ is another operating system-level virtualization solution, like Linux-VServer.
  OpenVZ is a virtualization-aware (modified) kernel that supports isolated user spaces (VPS), with a set of user tools for management. For example, you can easily create a new VPS from the command line.
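Operating system-level virtualization, as defined earlier in the Software Virtualization slide and as Linux-VServer and OpenVZ implement it, means one kernel presenting several isolated user-space views rather than several kernels on a hypervisor. Mainline Linux now provides that isolation through namespaces, which is what container runtimes build on. The following program is an added example, not code from the slides or from either project: a child process moves into a fresh user and UTS namespace and renames "its" host, and the parent shows that its own hostname is untouched. It is Linux only (elsewhere the function returns -ENOSYS); the kernel may refuse unprivileged namespaces (EPERM under a restrictive seccomp profile, EINVAL where user namespaces are disabled), in which case the function reports the error rather than failing loudly. The function and constant names are this example's own.

```c
/* Added example: kernel namespaces as the OS-level virtualization primitive. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
#ifdef __linux__
#include <sched.h>
#endif

#define HOSTNAME_LEN 64

/* Returns 0 and fills `seen` with the hostname the child observed after
 * sethostname() inside its own UTS namespace, or -errno if the kernel refused
 * to create the namespaces. The caller's hostname is never modified. */
int run_in_private_uts(const char *name, char seen[HOSTNAME_LEN])
{
    seen[0] = '\0';
#ifndef __linux__
    (void)name;
    return -ENOSYS;
#else
    int fds[2];
    if (pipe(fds) < 0)
        return -errno;
    pid_t pid = fork();
    if (pid < 0)
        return -errno;
    if (pid == 0) {
        /* Child: CLONE_NEWUSER first. It grants the child full capabilities
         * over the new UTS namespace without being root on the host. */
        int status = 0;
        char buf[HOSTNAME_LEN] = { 0 };
        close(fds[0]);
        if (unshare(CLONE_NEWUSER | CLONE_NEWUTS) < 0 ||
            sethostname(name, strlen(name)) < 0)
            status = -errno;                 /* report why, do not crash */
        else
            gethostname(buf, sizeof buf - 1); /* what this "VPS" sees */
        if (write(fds[1], &status, sizeof status) < 0 ||
            write(fds[1], buf, sizeof buf) < 0)
            _exit(1);
        _exit(0);
    }
    /* Parent: collect the child's verdict. Its rename is invisible here. */
    int status = -EIO;
    close(fds[1]);
    if (read(fds[0], &status, sizeof status) == (ssize_t)sizeof status) {
        if (read(fds[0], seen, HOSTNAME_LEN) < 0)
            seen[0] = '\0';
    }
    close(fds[0]);
    waitpid(pid, NULL, 0);
    seen[HOSTNAME_LEN - 1] = '\0';
    return status;
#endif
}

int main(void)
{
    char host[HOSTNAME_LEN] = { 0 }, seen[HOSTNAME_LEN];
    int r = run_in_private_uts("vps-demo", seen);
    gethostname(host, sizeof host - 1);
    if (r == 0)
        printf("child saw hostname \"%s\"; host still \"%s\"\n", seen, host);
    else
        printf("namespaces refused (%s); host still \"%s\"\n", strerror(-r), host);
    return 0;
}
```

The same pattern, with CLONE_NEWPID, CLONE_NEWNS and CLONE_NEWNET added, is the skeleton of a container. The security difference from a hypervisor is the shared kernel: every namespace boundary is enforced by the one kernel all "VPS" instances share, so a kernel bug is a boundary between all of them at once.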

Linux KVM (Kernel-based Virtual Machine)
  KVM is a full-virtualization solution that is unique in that it turns the Linux kernel into a hypervisor by loading a kernel module (kvm.ko plus kvm_intel or kvm_amd).
  Each guest is an ordinary process on the host: the guest's own code runs in the processor's hardware-assisted guest mode (VT-x or AMD-V), and VM exits are handled either in the module or by the user-space process that owns the guest.
  The KVM module exposes this interface through the /dev/kvm character device.
  A QEMU process, with KVM acceleration, provides the PC hardware emulation and drives the virtual CPUs through that device.