kvm virtualization technology
TRANSCRIPT
-
8/6/2019 KVM Virtualization Technology
1/19
RPM BROTHERHOOD | KVM VIRTUALIZATION1
RPM Brotherhood:
KVM VIRTUALIZATION TECHNOLOGY
Syamsul Anuar Abd Nasir
Fedora Ambassador Malaysia
ABOUT ME
Technical Consultant for Warix Technologies - www.warix.my
Warix is a Red Hat partner
Offers services and solutions for building private cloud / virtualization based on Red Hat Enterprise Virtualization and KVM
Fedora Ambassador Malaysia
INTRODUCTION
Ability to run multiple operating systems (Windows, Linux, UNIX, etc.) on a single physical machine
Decoupling software and applications from a single piece of hardware
VIRTUALIZATION VOCABULARIES
VM: Virtual Machine
Hypervisor / VMM: Virtual Machine Monitor or, in simple terms, the OS for the VM guests
Guest OS: The OS that runs within a virtual machine
Host OS: The OS that runs on the computer system
Paravirtualized Guest: A guest OS that is modified to have knowledge of a VMM. Mostly Xen
Full Virtualization: The guest OS runs unmodified in this environment
TYPES OF HYPERVISOR
TYPE 1: Native or bare-metal hypervisor that runs directly on host hardware. E.g. Xen and KVM
TYPE 2: Hypervisor software running on top of an OS. E.g. VirtualBox
Containers: User-space server virtualization method where the kernel and OS allow multiple isolated instances to run. E.g. FreeBSD Jails, Solaris Zones, OpenVZ, FreeVPS, and Linux-VServer
HARDWARE ASSISTED VIRT
CPU vendors extending the x86 architecture
Adding CPU features to support virtualization
Feature added ~2006, available in
o Intel VT (Xeon, Core Duo and Core 2 Duo)
o AMD AMD-V (Opteron, Athlon and Phenom)
1st Generation
Offloads ring compression to CPU
Effectively provides a new privilege level
Hypervisor no longer scans and rewrites kernel code
CPU provides 'hooks' or 'traps' for privileged instructions
HARDWARE ASSISTED VIRT
2nd Generation
Memory Management
o Offloads memory page table management to CPU & chipset
o Provides significant performance improvement
Intel - Extended Page Tables (EPT)
o Available in Nehalem class Xeon
AMD - Rapid Virtualization Indexing (RVI)
o was called NPT (Nested Page Tables)
o Available in quad core Opterons
THE KVM VIRTUALIZATION
KVM, the Kernel-based Virtual Machine, is a Linux kernel module that turns Linux into a hypervisor
Tightly integrated into Linux and upstream since kernel 2.6.20 (January 2007)
Requires hardware virtualization extensions (Intel VMX and AMD SVM)
Offloads most work to the CPU & chipset, with NO binary translation (so it's faster)
Leverages all the capabilities of the Linux kernel without breaking compatibility
Cool features - memory and storage overcommit (among others)
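
The check below ties the two hardware-assist generations to what a Linux host actually reports. It is an added example, not part of the original slides, and it relies on the Linux `/proc/cpuinfo` flag names `vmx`, `svm`, `ept` and `npt` (newer kernels list `ept` on a separate "vmx flags" line, which the parser also reads). The sample excerpts and the function name `kvm_readiness` are constructed for illustration.

```python
import re

# Constructed /proc/cpuinfo excerpts, not captured from real hosts.
INTEL_HOST = """\
processor\t: 0
vendor_id\t: GenuineIntel
flags\t\t: fpu vme de pse tsc msr pae vmx est
vmx flags\t: vnmi invvpid ept_x_only ept flexpriority vpid

processor\t: 1
vendor_id\t: GenuineIntel
flags\t\t: fpu vme de pse tsc msr pae vmx est
vmx flags\t: vnmi invvpid ept_x_only ept flexpriority vpid
"""
AMD_FIRST_GEN = """\
processor\t: 0
vendor_id\t: AuthenticAMD
flags\t\t: fpu vme de pse tsc msr pae svm extapic
"""

def kvm_readiness(cpuinfo):
    """Summarise hardware virtualization support common to all logical CPUs."""
    cpus = []
    for block in re.split(r"\n\s*\n", cpuinfo.strip()):
        flags = set()
        for line in block.splitlines():
            key, _, value = line.partition(":")
            if key.strip() in ("flags", "vmx flags"):
                flags.update(value.split())
        if flags:
            cpus.append(flags)
    # A feature only counts if every logical CPU reports it.
    common = set.intersection(*cpus) if cpus else set()
    # 1st generation: VMX (Intel) or SVM (AMD); KVM cannot run guests without one.
    extension = next((f for f in ("vmx", "svm") if f in common), None)
    # 2nd generation: hardware page-table management (EPT on Intel, NPT/RVI on AMD).
    paging_flag = {"vmx": "ept", "svm": "npt"}.get(extension)
    return {
        "cpus": len(cpus),
        "extension": extension,
        "second_gen_paging": paging_flag in common if paging_flag else False,
    }

if __name__ == "__main__":
    with open("/proc/cpuinfo") as fh:  # Linux hosts only
        print(kvm_readiness(fh.read()))
```
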
BENEFITS OF KVM MODEL
Leverage is the name of the game
o Linux - no need to re-invent the wheel
o Built on a trusted, stable, enterprise-grade platform
o Ease of management - use the same tools for managing physical servers and hypervisors
Advanced features
o Inherit scalability, NUMA support, power management, hot-plug etc
o others have to develop from scratch
o SELinux security, sVirt, advanced scheduler, RAS support (Intel Nehalem EX enablement)
KVM AS HYPERVISOR
KVM FEATURES - MEMORY OVERCOMMIT
Kernel Same-Page Merging (KSM)
Memory Page Sharing
Securely shares identical memory pages between virtual machines
KVM FEATURES - STORAGE OVERCOMMIT
Thin Provisioning
Allocate storage only when needed
Oversubscribe storage
Transparent to virtual machine
Improve storage utilization
Reduced storage costs
Works with NFS, iSCSI and Fibre Channel
Storage reporting and alerting
KVM FEATURES - SECURITY
Security
Inherits security features of Linux
Includes support for SELinux
Provides protection & isolation for virtual machine processes & host
Compromised virtual machine isolation
sVirt Project
Sub-project of NSA's SELinux community
Provides hardened hypervisors
Contain any hypervisor breaches
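
A way to verify the isolation described on this slide, as an added example that is not part of the original deck: it audits `ps -eZ` output for QEMU processes that are not confined by sVirt or that share a label. It relies on the libvirt sVirt convention, which the slides do not spell out, of running each guest as type `svirt_t` with its own pair of MCS categories; the sample output and the function name `audit_svirt` are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `ps -eZ` output from a hypothetical host (not real data).
SAMPLE_PS = """\
LABEL                                   PID TTY      TIME CMD
system_u:system_r:svirt_t:s0:c87,c520  3112 ?    00:01:12 qemu-kvm
system_u:system_r:svirt_t:s0:c301,c944 3188 ?    00:00:40 qemu-kvm
system_u:system_r:svirt_t:s0:c87,c520  3250 ?    00:00:05 qemu-kvm
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 4021 pts/0 00:00:02 qemu-system-x86
system_u:system_r:sshd_t:s0-s0:c0.c1023 912 ?    00:00:00 sshd
"""

def audit_svirt(ps_output):
    """Return sorted (pid, problem) pairs for QEMU processes that weaken sVirt isolation."""
    findings = []
    by_categories = defaultdict(list)
    for line in ps_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[4].startswith("qemu"):
            continue  # header line or a non-QEMU process
        label, pid = fields[0], int(fields[1])
        parts = label.split(":", 4)  # user:role:type:sensitivity[:categories]
        if len(parts) < 4:
            findings.append((pid, "no SELinux label (SELinux disabled?)"))
            continue
        se_type = parts[2]
        categories = parts[4] if len(parts) == 5 else ""
        if not se_type.startswith("svirt_"):
            # Guest started outside libvirt/sVirt: a breakout runs with this type's rights.
            findings.append((pid, f"not confined by sVirt (type {se_type})"))
        elif not categories:
            findings.append((pid, "svirt type but no MCS categories"))
        else:
            by_categories[categories].append(pid)
    # Guests with identical categories can access each other's labelled resources.
    for categories, pids in by_categories.items():
        if len(pids) > 1:
            for pid in pids:
                findings.append((pid, f"MCS categories {categories} shared by PIDs {pids}"))
    return sorted(findings)

if __name__ == "__main__":
    for pid, problem in audit_svirt(SAMPLE_PS):
        print(pid, problem)
```

On a live host, feed the function the output of `ps -eZ`; the matching disk images should carry the same category pair under `svirt_image_t`, which `ls -Z` on the image directory shows.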
KVM FEATURES - VIRTIO
Performance
Open source paravirtualized accelerated drivers for Linux kernel virtualization
Improve performance for full hardware virtualization
Virtualized disk, NIC, etc.
Collaboration between Red Hat and IBM
Not specific to KVM
SOME KVM BENCHMARK (Iperf in KVM)
SUMMARY OF RESULTS
One should use Virtio in preference to VT-d pass-through or an emulated network driver
Emulated NICs are much slower than Virtio or VT-d
The maximum bandwidth of Virtio connecting to a remote host is very close to VT-d or native
Using Virtio to connect to Dom0 is much faster than using VT-d (since in our setup VT-d is a second NIC)
Source : http://vmstudy.blogspot.com/2010/04/network-speed-test-iperf-in-kvm-virtio.html
OTHER TECHNOLOGIES AROUND KVM
Libguestfs - a set of tools which you can use to examine and modify virtual machine images from outside (i.e. from the host)
NetCF - a library for configuring network interfaces.
Deltacloud - an API that abstracts the differences between clouds.
QCOW2 - the native disk image file format of qemu. It supports copy-on-write.
Cgroups - an upstream kernel feature that allows system resources to be partitioned/divided up amongst different processes, or a group of processes.
Condor - develop, implement, deploy, and evaluate mechanisms and policies that support High Throughput Computing (HTC) on large collections of distributively owned computing resources.
THANK YOU
ANY QUESTIONS?