architecture virtual machine monitor ( vmm )
DESCRIPTION
Architecture Virtual Machine Monitor ( VMM ). CPU needs to switch between host process and guest process VMM switches context between those processes Computer runs either host context or VMM context Only one operating system can "run" on CPU Ring compression. Provided by. Windows. - PowerPoint PPT PresentationTRANSCRIPT
1
ArchitectureVirtual Machine Monitor (VMM)
• CPU needs to switch between host process and guest process
• VMM switches context between those processes
• Computer runs either host context or VMM context
• Only one operating system can "run" on CPU
• Ring compression
2
Architecture
Win2003 or WinXP
Kernel VMM.sys
Ring 0
Hardware
Ring 1
Ring 3
Windows in VM
VM Additions
Guest Applications
Ring 3
Virtual ServerService
IIS
AdminWeb Site
Provided by
Windows
Virtual Server
Others
Virtual hardware
Host Guest (VM)
Ring 1
3
CPU virtualizationStill one problem left to solve
• We want CPU direct-mode execution
• Guest OS runs directly on CPU - fast! (99% speed)
• When a priviliged operation is required, a trap occurs, and VMM handles operation in kernel mode
• Problem: x86 is not fully virtualized in this way
• 20 kernel-mode read CPU instructions are allowed from outside ring 0 !
• Four possible solutions:
a) Recompile OS and applications without those 20 instructions
• = avoid those 20 instructions
b) Use Binary Translation execution
• = patch code while running on host
c) Install VM Additions in guest
• = patch code in memory in VM
d) Use hardware-assisted virtualization
• = catch instructions in special ring "-1"
4
CPU virtualizationSolutions
• Binary translation
• Translate guest instruction code to host instruction code
• Always possible, but is very slow
• VM Additions
• Patches dll-code in memory in VM (=similar to a rootkit)
• Not possible for 64-bit Vista/Longhorn
• Note that VM Additions also do:
• Time-sync, heartbeat, shutdown supportoptimized SCSI disk, and better mouse/video driver
• Hardware-assisted virtualization
• Use Intel VT or AMD Virtualization CPU
• CPU solves the problem by maintaining settings per VM
• Can be considered as ring "-1"
VM AdditionsVersions
Build Release Notes
10.21 with Virtual PC 5.2 (was named Virtual PC Additions)
13.40 with Virtual PC 2004
13.187 (download) Supports Win XP SP2
13.206 with VS2005
13.306 with Virtual PC 2004 SP1
13.518 with VS2005 SP1 beta
13.531 (download) Supports Win2003 SP1
13.552 with VS2005 R2 Supports Win2003 R2 and Vista (-build 5270)
13.705 with VS2005 R2 SP1 beta1
13.706 (download - Connect) Supports Vista B2 (-build 5384) and Longhorn
13.709 (download - Connect) Supports Vista RC1
13.715 with VS2005 R2 SP1 beta2 Supports Vista RTM
13.724 with Virtual PC 2007 beta
13.802 with Virtual PC 2007 RC Get at connect.microsoft.com/site/sitehome.aspx?SiteID=288
6
VM AdditionsLinux
• Adds:
• time sync
• Heartbeat
• shutdown support
• SCSI disk
• mouse/display driver
• But not direct-mode execution support
• Distributions (9x)
• Red Hat 7.3/9.0, Enterprise 2.1/3/4
• SuSE Linux 9.2/9.3/10.0, Enterprise Server 9
• More available at release VS 2005 R2 SP1
7
ArchitectureHardware-assisted virtualization
Win2003 or WinXP
Kernel VMM.sys
Ring 0
Hardware
Host Guest (VM)
Ring 1
Ring 3
Windows in VM
VM Additions
Guest Applications
Ring 3
Virtual ServerService
IIS
AdminWeb Site
Provided by
Windows
Virtual Server
Others
Virtual hardwareCPU
Ring "-1"
8
Hardware-assisted virtualizationIntel VT or AMD Virtualization
• Supported in:
• Virtual PC 2007
• Virtual Server 2005 R2 SP1
• Windows Virtualization (is requirement)
• Enable in BIOS
• Plus enable in Virtual PC 2007 Options
• Windows guests do not run faster
• Up-to-date VM Additions already provide direct-mode execution
• Windows installation is 2x-3x faster
• Non-Windows guests (Linux, Netware) run faster
9
Virtual Server 2005 R2Specifications
• Host
• CPU
VS2005 Standard Edition: max 4 CPUs (1 or 2 cores)
• VS2005 Enterprise Edition: max 32 CPUs (1 or 2 cores)
• Memory: max 64 GB
• Guest
• CPU: max 1
• Memory: max 3.6 GB
• Network adapters: max 4
• Unlimited bandwidth !
• USB: no
• USB keyboard/mouse is supported
• Workaround for USB smartcard-readers exists !
10
Virtual Server 2005 R2What's new
• Performance
• Increased performance
• Scalability
• x64 hosts: Win2003 and WinXP
• Availability
• Virtual Machine clustering
• Failover VM on same host
• Uses Shared SCSI (or iSCSI) in guest
• Virtual Server Host clustering
• Move VS2005 to other host
• Planned and unplanned downtime
• Requires script - http://go.microsoft.com/fwlink/?LinkId=55644
11
Virtual Server 2005 R2What's new (cont'd)
• Additional guest support+ Win2003 SE SP1
+ WinXP SP2
• PXE Booting
• F6 disk (SCSI disk)
• Speeds up Windows installation
• Virtual Disk Precompactor.iso
• Also...
• Supports hyperthreading on host
• Reserve space for save state file (.vsv)
• Open Windows Firewall ports at install
12
Virtual Server 2005 R2 SP1What's new
• Features
• Intel VT and AMD Virtualization support
• Volume Shadow Copy (VSS) support
• Active Directory integration using Service Connection Points
• Vista as Guest support
• Includes VHD mount tool
• Also...
• Host clustering whitepaper included
• Default vhd capacity is 127 GB (was 16 GB)
• Virtual SCSI fix for Linux 2.6.x guests
13
Differences VS2005 - VPC2007
• Virtual Server 2005:
• Use multiple host CPUs
• Multithreaded
• Multiple CD ROM drives
• NAT through host ICS
• Unlimited networks
• Using vnc-files on host
• Only in VS2005:
• SCSI disk (in VM)
• COM API
• Remote Management
• Run as service
• Auto start VMs
• Virtual PC 2007:
• Use single host CPU
• Single thread for all VMs
• Single CD ROM drive
• NAT support
• Unlimited networks
• Using host (loopback) adapters
• Only in VPC2007:
• Sound card (VM)
• Folder Sharing
• Drag-and-drop
• Copy / Paste
14
Windows VirtualizationVMM arrangements
Hardware
Host OS VMM
Guest 1 Guest 2
Hardware
VMM (Hypervisor)
Guest 1 Guest 2
Hardware
VMM
Guest 1 Guest 2
Host OS
Type-2 VMM
Examples:- JVM- .NET CLR
Examples:- Virtual PC- Virtual Server
Example:- Windows Virtualization ("Viridian")
Type-1 VMMHypervisor
Hybrid VMM
15
Windows Virtualization
• Virtualization for Windows Server
• Code name "Viridian" (= color: rgb 64-130-109 )
• Windows Hypervisor
• Thin layer of software, underneath "host OS" (~160 KB)
• Parent partition - manages child partitions
• Child partition - any number of OS, managed by parent
• Virtualization Stack
• Runs in root partition (= parent partition)
• Provides virtualization of devices
• WMI interface for management
• Virtualization Service Providers (VSPs)
• Hardware sharing architecture
• Need "viridian" drivers in guest
16
Windows Virtualization
• Virtualization for Windows Server• Requires
• x64 hardware
• Intel VT / AMD-V processor
• Provides• 32-bit and 64-bit guest
• Max 8 CPU per VM
• Hot "add": processor, memory, network, disk
• 32+ GB RAM per VM
• Live virtual machine migration
• Multiple snapshots
• No new driver model• Can use existing Windows drivers in guest
• Same set of emulated hardware• S3 Trio video card, DEC 21440 network card, etc
• Support for Server Core as parent OS
17
ArchitectureVirtual PC / Virtual Server 2005 R2
Win2003 or WinXP
Kernel VMM.sys
Ring 0
Hardware
Host Guest (VM)
Ring 1
Ring 3
Windows in VM
VM Additions
Guest Applications
Ring 3
Virtual ServerService
IIS
AdminWeb Site
Provided by
Windows
Virtual Server
Others
Virtual hardware
18
Windows Virtualization
Windows (core)
Kernel
Windows Hypervisor
Ring 0
Hardware
Parent partition Child partition
Ring 3Guest Applications
Ring "-1"
Windows
VMBusEnlightments
KernelVSPs VSCs
Virtualization Stack
VM Service
WMI
VM Worker
Provided by
Windows
Win Virtualizaton
Others
Drivers
19
Windows VirtualizationVSC - VSP Communication
Parent Partition Child Partitions
Kernel ModeKernel Mode
User ModeUser Mode
Windows hypervisorWindows hypervisor
ApplicationsApplications
Provided by:Provided by:
WindowsWindows
ISVISV
Windows Windows
VirtualizationVirtualization
VMBusVMBus
Windows File SystemWindows File System
VolumeVolume
PartitionPartition
DiskDisk
Fast Path Filter (VSC)Fast Path Filter (VSC)
iSCSIprtiSCSIprtVirtual StorageVirtual Storage
Miniport (VSC)Miniport (VSC)
Virtual ServiceVirtual Service
Provider (VSP)Provider (VSP)
StorPortStorPort
Hardware
StorPortStorPort
MiniportMiniport
VM Worker ProcessVM Worker Process
DiskDisk
20
Virtual Server 2005 vsWindows Server Virtualization Virtual Server 2005 R2 Windows Server Virtualization
32-bit VMs? Yes Yes
64-bit VMs? No Yes
Multi-processor VMs? No Yes, up to 8 processor VMs
VM memory support? 3.6 GB per VM More than 32 GB per VM
Hot add memory/processors? No Yes
Hot add storage/networking? No Yes
Can be managed by System Center Virtual Machine Manager?
Yes Yes
Microsoft Cluster support? Yes Yes
Scriptable / Extensible? Yes, COM Yes, WMI
Number of running VMs? 64More than 64.
As many as hardware will allow.
User interface Web Interface MMC 3.0 Interface
21
Networking
• Create .vnc-files to define "virtual switches"
• Three settings per vnc-file:
• - Network name
• - Connected to which host network adapter or to None (guest-only)
• - DHCP settings for this switch
• Pre-defined vnc-files:
• Internal network.vnc
• Separate vnc-file for each host network adapter
• Unique MAC-address assigned
• Unlimited network speed (not max 10/100 Mbps)
22
Disks
• Data store in virtual hard disk (.vhd) files
• File format is the same:
• Virtual PC 2004
• Virtual Server 2005
• Windows Virtualization (future)
• Max sizes
• IDE (VPC2004): 130,557 MB (= 127.5 GB)
• IDE (VS2005): 130,048 MB (= 127.0 GB)
• SCSI (VS2005): 2,088,960 MB (= 2040.0 GB)
23
DisksVHD Format
• Free license from Microsoft
• www.microsoft.com/windowsserversystem/virtualserver/techinfo/vhdspec.mspx
• 45 vendors signed up (April 2006)
• Examples:
• Diskeeper
• PlateSpin
• WinImage
• XenSource
• From 17-Oct-2006:
• Unregistered download available
Virtual Hard Disk Format Specification
• Introductions• Overview of Virtual Hard Disk Types• Virtual hard disk Footer Format• Dynamically expanding .VHD Header Format• Block Allocation Table and Data Blocks• Implementing a Dynamically expanding .VHD• Mapping a Disk Sector to a Sector in the Block• Splitting virtual hard disks• Implementing a Differencing virtual hard disk• CHS Calculation
24
VHD Types
Base VHD types
Dynamically expanding
Default type: Grows as needed
Fixed size Highest performance type
State drive types
Undo Non-persistent, per VM (*.vud)
Differencing Persistent parent-child hierarchy
Saved states Flush memory to disk (*.vsv)
GuestGuest
HostHostGuestGuest
2TB2TB
2TB2TB
2TB2TB
VMVM
HostHost
SP1SP1 SP2SP2
HostHost 2TB2TB1GB1GB
BaseBase
BaseBase SessionSession
25
VHD Test Drive Program
• New: announced 6-Nov-2006
• Fully configured VHD-files
• Downloadable from Microsoft's Web site
• Evaluation versions
• Expires after 30 days
• Partners can also provide their applications
• See www.microsoft.com/vhd for more information
26
VHD Mount ToolAccess VHD content offline
• VHDMount tool is included with VS2005 R2 SP1
• Can install separate:
• Use as command-line tool:
• Use for copying or injecting files, inspecting, virus-scanning
• Do not use for offline patching (yet)
C:\> msiexec.exe /i "Virtual Server 2005 Install.msi" /qn ADDLOCAL=VHDMount
C:\Program Files\Microsoft Virtual Server\Vhdmount> vhdmount.exeUsage:VHDMOUNT /p VHDFileName - mounts vhd-fileVHDMOUNT /m VHDFileName [DriveLetter] - mounts vhd-file, assign drive lettersVHDMOUNT /u VHDFileName | All - unmounts vhd-file or allVHDMOUNT /q VHDFileName | All - lists mounted vhd-file or all
27
VHD EnhancementsWindows Virtualization
• While VM is running
• Compact VHD-file
• Create new diff-disk (snapshotting)
• Create VHD-chain
• Schedule snapshot every 10 minutes
• Merge
• Hot add VHD-file
• Add VHD-file notes
• Think: 1000s of VHD-files on network
• Pass-through VHD - map to SAN
28
Differencing disks
• VHD files use blocks of 2 MB
Read
File-a.doc
1 2 3 4
File-b.doc
1 2 4
Create
File-c.doc
1 2 3 4Grow
File-d.doc
Read only
Virtual Server service
3
Write
3
3 1 2 3 4
Delete
File-d.doc
1 2 3 4
Link toparent
29
DisksRead/write zero-filled files• VHD file format optimizes read/write of
zero-filled blocks
• Best example: empty pagefile.sys
Write
File-a.doc
1 2 3 4
1 2 3 4
Pagefile.sys
Write
1000000000000
2 4000000000000
3000000000000
5...
1 4
Read
000000000000
11000000000000
12
Virtual Server service
30
Compact VHD Files
• Steps
• Note: Does not work on differencing disks
• In VM - Cleanup
• Startup VM without Undo disks
1 Defragment disk
2 Zero-fill all unallocated spaces
• Use Precompactor.iso
• Shutdown VM
• On host - Compact
3 Use VPC Disk Wizard or VS Inspect Disk to compact
31
Virtual Server Clustering
• Three different options
• Virtual Machine (Guest) Clustering - Shared SCSI
• Cluster VMs on same host
• Virtual Machine (Guest) Clustering - iSCSI
• Cluster VMs on different hosts
• Virtual Server Host Clustering
• Cluster VS on different hosts
32
Clustering
Host to Host
Cluster storage
SAN or iSCSI connection
Guest to Guest
Cluster storage
iSCSI connection
33
ClusteringVirtual Machine (Guest) Clustering
• VM (Guest) is the cluster node
• Application in guest is a resource group
• Application is cluster-aware (or Generic)
• Protects against failure of Guest
• If VM or application fails,then failover to other VMon same host or on another host
34
Out-of-the-Box High AvailabilityHost Updating
• Administrator wants to update node 1 with Windows Server Update Services
• Microsoft Cluster Administration Console saves the state of virtual machines and restores them on another node
• Node 1 is ready for update installation
SharedStorage
VM
VM
VM
Node 1 Node 2 Node 3
Shared Storage
WSUS server
WSUS
35
Out-of-the-Box High AvailabilityUnplanned downtime
• Node 1 suffers a power outage or a network failure
• A simple script attached to the Microsoft Cluster Administration Console notices the lack of heartbeat and starts the virtual machines associated with node 1 on other nodes
SharedStorage
VM
VM
VM
Node 1 Node 2 Node 3
Shared Storage
X
36
ClusteringVirtual Server Host Clustering
• Host is the cluster node
• Each VM (Guest) is a resource group
• Generic Script havm.vbs makes VM "cluster-aware"
• Protects against failure of Host
• Application in guest is not monitored by cluster
Function Open() [..] 'starts Virtual Server serviceFunction Online() [..] 'send start control to VMFunction LooksAlive() [..] 'quick check if VM is aliveFunction IsAlive() [..] 'thorough check if VM is aliveFunction Offline() [..] 'send save state control to VMFunction Terminate() [..] 'best attempt to take offline
37
ClusteringVirtual Server Host Clustering
• Benefits
• Move VMs before scheduled host maintenance
• Hardware upgrades
• Software updates on host
• Steps: Saves state VM1 - failover - restore state in VM2
• Protect against unscheduled host failure
• Steps: (Oops) - failover - startup VM2
• Run legacy operating systems in a "clustered" way
38
ClusteringVirtual Server Host Clustering
• Deploy
• Hosts run Cluster service
• Uses iSCSI or SCSI/Fibre Channel to shared storage
• Note: Disable Cluster service when installing VS2005
• Each VM is in a Resource Group
• Or multiple VMs in same Resource Group
• Implemented as Physical Disk resource
• Containing vmc-file, vhd-file and vsv-file
• Add havm.vbs as Generic Script in Resource Group
• Resource dependencies:
• Script havm.vbs OS disk Data disk