Virtualization


In computing, virtualization is a series of technologies that allows dividing of physical computing resources into a series of virtual machines, operating systems, processes or containers.
Virtualization began in the 1960s with IBM CP/CMS. The control program CP provided each user with a simulated stand-alone System/360 computer.
In hardware virtualization, the host machine is the machine that is used by the virtualization and the guest machine is the virtual machine. The words host and guest are used to distinguish the software that runs on the physical machine from the software that runs on the virtual machine. The software or firmware that creates a virtual machine on the host hardware is called a hypervisor or virtual machine monitor. Hardware virtualization is not the same as hardware emulation. Hardware-assisted virtualization facilitates building a virtual machine monitor and allows guest OSes to be run in isolation.
Desktop virtualization is the concept of separating the logical desktop from the physical machine.
Operating-system-level virtualization, also known as containerization, refers to an operating system feature in which the kernel allows the existence of multiple isolated user-space instances.
The usual goal of virtualization is to centralize administrative tasks while improving scalability and overall hardware-resource utilization.

History

A form of virtualization was first demonstrated with IBM's CP-40 research system in 1967, then distributed via open source in CP/CMS in 1967–1972, and re-implemented in IBM's VM family from 1972 to the present. Each CP/CMS user was provided a simulated, stand-alone computer. Each such virtual machine had the complete capabilities of the underlying machine, and the virtual machine was indistinguishable from a private system. This simulation was comprehensive, and was based on the Principles of Operation manual for the hardware. It thus included such elements as an instruction set, main memory, interrupts, exceptions, and device access. The result was a single machine that could be multiplexed among many users.
Hardware-assisted virtualization first appeared on the IBM System/370 in 1972, for use with VM/370, the first virtual machine operating system. IBM added virtual memory hardware to the System/370 series in 1972 which is not the same as Intel VT-x Rings providing a higher privilege level for Hypervisor to properly control Virtual Machines requiring full access to Supervisor and Program or User modes.
With the increasing demand for high-definition computer graphics, virtualization of mainframes lost some attention in the late 1970s, when the upcoming minicomputers fostered resource allocation through distributed computing, encompassing the commoditization of microcomputers.
The increase in compute capacity per x86 server rekindled interest in data-center based computing which is based on virtualization techniques. The primary driver was the potential for server consolidation: virtualization allowed a single server to cost-efficiently consolidate compute power on multiple underutilized dedicated servers. The most visible hallmark of a return to the roots of computing is cloud computing, which is a synonym for data center based computing through high bandwidth networks. It is closely connected to virtualization.
The initial implementation x86 architecture did not meet the Popek and Goldberg virtualization requirements to achieve "classical virtualization":
  • equivalence: a program running under the virtual machine monitor should exhibit a behavior essentially identical to that demonstrated when running on an equivalent machine directly
  • resource control : the VMM must be in complete control of the virtualized resources
  • efficiency: a statistically dominant fraction of machine instructions must be executed without VMM intervention
This made it difficult to implement a virtual machine monitor for this type of processor. Specific limitations included the inability to trap on some privileged instructions. Therefore, to compensate for these architectural limitations, designers accomplished virtualization of the x86 architecture through two methods: full virtualization or paravirtualization. Both create the illusion of physical hardware to achieve the goal of operating system independence from the hardware but present some trade-offs in performance and complexity.
Full virtualization was not fully available on the x86 platform prior to 2005. Many platform hypervisors for the x86 platform came very close and claimed full virtualization.
In 2005 and 2006, Intel and AMD created new processor extensions to the x86 architecture called Intel VT-x and AMD-V, respectively. On the Itanium architecture, hardware-assisted virtualization is known as VT-i. The first generation of x86 processors to support these extensions were released in late 2005 early 2006:
  • On November 13, 2005, Intel released two models of Pentium 4 as the first Intel processors to support VT-x.
  • On May 23, 2006, AMD released the Athlon 64, the Athlon 64 X2 and the Athlon 64 FX as the first AMD processors to support this technology.

    Hardware virtualization

Hardware virtualization '' pools computing resources across one or more virtual machines. A virtual machine implements functionality of a computer with an operating system. The software or firmware that creates a virtual machine on the host hardware is called a hypervisor or virtual machine monitor.
Software executed on these virtual machines is separated from the underlying hardware resources. For example, a computer that is running Arch Linux may host a virtual machine that looks like a computer with the Microsoft Windows operating system; Windows-based software can be run on the virtual machine.
Different types of hardware virtualization include:
  • Full virtualizationAlmost complete virtualization of the actual hardware to allow software environments, including a guest operating system and its apps, to run unmodified.
  • Paravirtualization – The guest apps are executed in their own isolated domains, as if they are running on a separate system, but a hardware environment is not simulated. Guest programs need to be specifically modified to run in this environment.
  • Hybrid virtualization – Mostly full virtualization but utilizes paravirtualization drivers to increase virtual machine performance.

    Full virtualization

Full virtualization employs techniques that pools physical computer resources into one or more instances; each running a virtual environment where any software or operating system capable of execution on the raw hardware can be run in the virtual machine. Two common full virtualization techniques are typically used: binary translation and hardware-assisted full virtualization. Binary translation automatically modifies the software on-the-fly to replace instructions that "pierce the virtual machine" with a different, virtual machine safe sequence of instructions. Hardware-assisted virtualization allows guest operating systems to be run in isolation with virtually no modification to the operating system.
Full virtualization requires that every salient feature of the hardware be reflected into one of several virtual machines – including the full instruction set, input/output operations, interrupts, memory access, and whatever other elements are used by the software that runs on the bare machine, and that is intended to run in a virtual machine.
This approach was pioneered in 1966 with the IBM CP-40 and CP-67, predecessors of the VM family.

Binary translation

In binary translation, instructions are translated to match the emulated hardware architecture, if the virtual machine implements a different instruction set architecture from that of the hardware on which the virtual machine is being run, or to allow the hypervisor to catch hardware references that it must emulate, if the virtual machine implements the same instruction set architecture as the hardware on which the virtual machine is being run. The hypervisor, in this case, translates instructions, or replaces some OS instructions with safer equivalents, during runtime. On the other hand, in hardware-assisted virtualization, the hypervisor configures the CPU to use the hardware's virtualization mechanism. Furthermore, a hypervisor is not the same as an emulator; both are computer programs that imitate hardware, but their domain of use in language differs.

Hardware-assisted

Hardware-assisted virtualization '' is a way of improving overall efficiency of hardware virtualization using help from the host processors. A full virtualization is used to emulate a complete hardware environment, or virtual machine, in which an unmodified guest operating system effectively executes in complete isolation.
Hardware-assisted virtualization was first introduced on the IBM 308X processors in 1980, with the Start Interpretive Execution instruction. It was added to x86 processors in 2005, 2006 and 2010 respectively.
IBM offers hardware virtualization for its IBM Power Systems hardware for AIX, Linux and IBM i, and for its IBM Z mainframes. IBM refers to its specific form of hardware virtualization as "logical partition", or more commonly as LPAR.
Hardware-assisted virtualization reduces the maintenance overhead of binary translation based virtualization as it reduces the code that needs to be translated in the guest operating system. It is also considerably easier to obtain better performance.

Paravirtualization

Paravirtualization is a virtualization technique that presents a software interface to the virtual machines which is similar, yet not identical, to the underlying hardware–software interface. Paravirtualization improves performance and efficiency, compared to full virtualization, by having the guest operating system communicate with the hypervisor. By allowing the guest operating system to indicate its intent to the hypervisor, each can cooperate to obtain better performance when running in a virtual machine.
The intent of the modified interface is to reduce the portion of the guest's execution time spent performing operations which are substantially more difficult to run in a virtual environment compared to a non-virtualized environment. The paravirtualization provides specially defined 'hooks' to allow the guest and host to request and acknowledge these tasks, which would otherwise be executed in the virtual domain. A successful paravirtualized platform may allow the virtual machine monitor to be simpler, and/or reduce the overall performance degradation of machine execution inside the virtual guest.
Paravirtualization requires the guest operating system to be explicitly ported for the para-API – a conventional OS distribution that is not paravirtualization-aware cannot be run on top of a paravirtualizing VMM. However, even in cases where the operating system cannot be modified, components may be available that enable many of the significant performance advantages of paravirtualization. For example, the Xen Windows GPLPV project provides a kit of paravirtualization-aware device drivers, that are intended to be installed into a Microsoft Windows virtual guest running on the Xen hypervisor. Such applications tend to be accessible through the paravirtual machine interface environment. This ensures run-mode compatibility across multiple encryption algorithm models, allowing seamless integration within the paravirtual framework.