Virtual is at Ion the KVM Way 357

8/7/2019 Virtual is at Ion the KVM Way 357

1/22

Virtualisation: The KVMWay

Amit [email protected]

foss.in/2007


2/22

Copyright 2007 Qumranet, Inc. All rights reserved.2

Virtualisation

Simulation of computer system in softwareComponents

Processor Management: register state, instructions, exceptionsMemory Management: paging, protection, TLBIO Management: storage, human interface

Essentials:PerformanceFidelity


3/22

Copyright 2007 Qumranet, Inc. All rights reserved.

Uses

Server consolidation Testing, R&DVirtual Desktops


4/22


Virtualisation Basics

Trap changes to privileged stateGuest cannot access hardware

Hide privileged stateGuest cannot detect that the host is changing things behind itsback

Example: interrupt enable flag


5/22


A Look Back

Native HypervisorsHave a runtimeNeed a primary guest OSExamples: Xen, VMWare ESX Server, IBM mainframes

ContainersDifferent namespaces for different guestsRun on host kernelUserland can be different from hostExamples: OpenVZ, FreeVPS, Linux-Vserver

ParavirtualisationEmulation

Examples: qemu, pearpc


6/22


Virtualisation

Simulation of computer system in softwareComponents

Processor Management: register state, instructions, exceptionsMemory Management: paging, protection, TLBIO Management: storage, human interface

Essentials:PerformanceFidelity


7/22Copyright 2007 Qumranet, Inc. All rights reserved.

The KVM Approach

We had most of the hypervisor ready: LinuxReuse code as much as possibleFocus on virtualisation, leave other things to respectivedevelopersIntegrate well into existing infrastructure, codebaseand mindsetLinux

Add capability to run a guest

qemuIO virtualisation

Difference from emulation is emphasis on near-nativeperformance


8/22


KVM Process Model

kernel

task task guest task task guest


9/22


KVM Process Model (cont'd)

Guests are scheduled as regular processeskill(1), top(1) work as expectedGuest physical memory is mapped into the task'svirtual memory spaceVirtual processors in one VM are threads


10/22


KVM Execution Model

Native GuestExecution

KernelExit Handler

UserspaceExit Handler

Switch to

Guest Mode

ioctl()

Userspace Kernel Guest

LightweightExit

HeavyweightExit


11/22


X86 Hardware Extensions

'guest mode' in addition to user and kernel modesRaise a trap for all privileged instructionsVirtualised registersProcessor

Intel-VT (VMX)AMD-V (SVM)

MMEPT (Intel)

NPT (AMD)IO

VT-d (Intel)IOMMU (AMD)


12/22


What's handled in the kernel?

CPU virtualisation (special instructions)MMU virtualisationLocal APIC, PIC, and IOAPIC(planned) paravirtualised network and block device(planned) paravirtualised guest kernel supportcode


13/22


Flow Example: Memory Access

Guest accesses an unmapped memory locationHardware traps into kernel modekvm walks the guest page table, determines guestphysical address

kvm performs guest physical -> host physicaltranslationkvm installs shadow page table entry containing guestvirtual -> host physical translationProcessor restarts execution of faulting instruction


14/22


KVM on other architectures

s390IBM mainframes: hypervisor is a mustWIP

IA-64

Patches ready for reviewx86

kvm-lite

Embedded PowerPC

Architecture support for hypervisorWIP


15/22


Paravirtualisation

Modifying guest OS for performanceVirtio

Common drivers for all hypervisorsHypervisor-specific backendKVM backend in progressFaster performanceEfficient block, net drivers

PV DMAPass through Ethernet devices


16/22


Distro / Industry interest

libvirtManaging various guests under a hypervisorSupport for Xen, KVMAPIs between UI, middle layer and virtualisation backend

DistributionsDebianUbuntuRedHat EL

SLESAlso ported to FreeBSD


17/22


KVM Pros

Leverages Linux scheduler, memory management, I/ONo scheduler involvement for I/OUses existing Linux security model (can run VM asordinary user)Uses existing management toolsPower managementGuest memory swapping

Real-time schedulingLeverages Linux development momentum


18/22


Release Philosophy

Development snapshots every 1-2 weeksRelease early and oftenFeatures introduces quicklyBugs fixed quickly

Bugs added quicklyAllows developers and users to track and test the latestand greatest

Stable releases part of Linux 2.6.xWith bugfixes going into Linux 2.6.x.y


19/22


KVM is Developer-friendly

No need to reboot (usually)Netconsole, oprofile, all the tools workSmall codebaseFriendly community


20/22


Future

Consolidate various virtualisation solutions existing inthe kernelMore architecture supportMore hardware features supportMore paravirtualisation supportImprove guest scalingSupport for management layers like libvirt


21/22


Do Read

drivers/kvm/*KvmForum2007 wiki page on http://[email protected]

[email protected]
http://kvm.qumranet.com/kvmwiki/KvmForum2007http://kvm.qumranet.com/http://kvm.qumranet.com/http://kvm.qumranet.com/kvmwiki/KvmForum2007


22/22

Thank You

Documents

Virtual is at Ion the KVM Way 357