Yao Zheng
Department of Electrical Engineering
University of Hawaiʻi at Mānoa
Based on the slides of Prof. Roy Campbell & Prof. Reza Farivar
EE 660: Computer Architecture
Cloud Architecture: Virtualization
Agenda
• Introduction to Virtualization
• Implementations of Virtualization
• OS based Virtualization: Xen
• Containers: Docker
Sharing Resources
• Economics of Clouds requires sharing resources
• How do we share a physical computer among multiple users?
• Answer: Abstraction
  • Introduce an abstract model of what a generic computing resource should look like
  • The physical computer resource then provides this abstract model to many users
Layers of Abstraction
• Introduce an abstract model of what a generic computing resource should look like
• The physical computer resource then provides this abstract model to many users
• Virtualization avoids creating dependencies on physical resources
Virtualization: Foundation of Cloud Computing
• Virtualization allows distributed computing models without creating dependencies on physical resources
• Clouds are based on Virtualization
  • offer services based mainly on virtual machines, remote procedure calls, and client/servers
  • provide lots of servers to lots of clients (e.g. phones)
• Simplicity of use and ease of programming require that client/server paradigms can be used to construct services from lots of resources
Types of Virtualization
• Native, full
• Hardware assisted
• Para-virtualization
• OS level
  • Containers
  • Jails
  • Chroot
  • Zones
  • Open-VZ → Virtuozzo
Native and Full Virtualization
• The virtual machine simulates enough hardware to allow an unmodified "guest" OS (one designed for the same CPU) to be run in isolation.
• Examples:
  • VirtualBox
  • Virtual PC
  • VMware
  • QEMU
[Figure: Apps on Guest OSes and a Management component, running on a Hypervisor (VMM) over the Hardware]
Hardware Enabled Virtualization
• The virtual machine has its own hardware and allows a guest OS to be run in isolation.
• Intel VT (IVT)
• AMD virtualization (AMD-V)
• Examples:
  • VMware Fusion
  • Parallels Desktop for Mac
  • Parallels Workstation
[Figure: Apps on Guest OSes, each on a Hardware VM, over the Hardware]
Paravirtualization
• The virtual machine does not necessarily simulate hardware, but instead (or in addition) offers a special API that can only be used by modifying the "guest" OS.
• Examples:
  • XEN
[Figure: Apps on Modified Guest OSes, each with a Stub, and a Management component, running on a Hypervisor (VMM) over the Hardware]
Operating System-Level Virtualization
• Virtualizing a physical server at the operating system level, enabling multiple isolated and secure virtualized servers to run on a single physical server.
• Examples:
  • Linux-Vserver
  • Solaris Containers
  • FreeBSD Jails
  • Chroot
  • CGroups
[Figure: several Private Servers on one Operating System over the Hardware]
The “Software-defined Network”
1. Open interface to hardware
2. At least one good operating system that is extensible and possibly open source
3. Well-defined open API
[Figure: Apps on a Network Operating System that controls several Simple Packet Forwarding Hardware elements]
Trend: Virtualized OS + Virtualized Network
[Figure, Computer Industry: Apps on Windows (OS), Linux and Mac OS, over a Virtualization Layer on x86 (Computer)]
[Figure, Network Industry: Apps on Controller 1 / NOX (Network OS) and Controller 2 / Network OS, over Virtualization or “Slicing” on OpenFlow]
Simple common stable hardware substrate below + programmability + strong isolation model + competition above = faster innovation
Trend — Then Add Virtualized Storage
[Figure, Computer Industry: Apps on Windows (OS), Linux and Mac OS, over a Virtualization Layer on x86 (Computer)]
[Figure, Network Industry: Apps on Controller 1 / NOX (Network OS) and Controller 2 / Network OS, over “Slicing” on OpenFlow]
[Figure, Storage Industry: Apps on Controller 1 / HDFS and Controller 2 / HBase, over Virtualization on a Distributed FS / Storage Area Network]
Agenda
• Introduction to Virtualization
• Implementations of Virtualization
• OS based Virtualization: Xen
• Containers: Docker
Types of Virtualization
• Native, full
• Hardware assisted
• Para-virtualization
• OS level
  • Containers
  • Jails
  • Chroot
  • Zones
  • Open-VZ → Virtuozzo
Native and Full Virtualization
• The virtual machine simulates enough hardware to allow an unmodified "guest" OS (one designed for the same CPU) to be run in isolation.
• Examples:
  • VirtualBox
  • Virtual PC
  • VMware
  • QEMU
  • Win4Lin
  • XEN/Virtual Iron
Hardware Enabled Virtualization
• The virtual machine has its own hardware and allows a guest OS to be run in isolation.
• Intel VT (IVT)
• AMD virtualization (AMD-V)
• Examples:
  • VMware Fusion
  • Parallels Desktop for Mac
  • Parallels Workstation
Partial Virtualization
• The virtual machine simulates multiple instances of much (but not all) of an underlying hardware environment, particularly address spaces.
Paravirtualization
• The virtual machine does not necessarily simulate hardware, but instead (or in addition) offers a special API that can only be used by modifying the "guest" OS.
• Terminologies
  • Hypervisor, hypercall
  • Enomalism
• Examples:
  • XEN, KVM, Win4Lin 9x
Operating System-Level Virtualization
• Virtualizing a physical server at the operating system level, enabling multiple isolated and secure virtualized servers to run on a single physical server.
• Examples:
  • Parallels Workstation
  • Linux-VServer, Virtuozzo
  • OpenVZ, Solaris Containers
  • FreeBSD Jails
  • Chroot ?
Operating System-Level Virtualization
• Hypervisor (VM)
  • One real HW, many virtual HWs, many OSes
  • High versatility – can run different OSes
  • Lower density, performance, scalability
  • <<Lowers>> are mitigated by new hardware features (such as VT-d)
• Containers (CT)
  • One real HW (no virtual HW), one kernel, many userspace instances
  • Higher density, natural page sharing
  • Dynamic resource allocation
  • Native performance: [almost] no overhead
Thinner Containers, Better Performance
• Containers
  • Share host OS and drivers
  • Have small virtualization layer
  • Naturally share pages
• Hypervisors
  • Have separate OS plus virtual hardware
  • Hardware emulation requires VMM state
  • Have trouble sharing guest OS pages
• Containers are more elastic than hypervisors
  • Container slicing of the OS is ideally suited to cloud slicing
• Hypervisors’ only advantage in IaaS is support for different OS families on one server
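An added example, not part of the original slides: the "one kernel, many userspace instances" and "share host OS" points above mean a container's isolation is only as wide as the set of kernel namespaces it does not share with the host. The sketch below audits that from the /proc/<pid>/ns view; the snapshot text, PIDs, command names and inode numbers are constructed for illustration.

```python
import re

# Constructed sample of what `readlink /proc/<pid>/ns/*` shows on one Linux host.
# PIDs, command names and inode numbers are made up for illustration.
SNAPSHOT = """\
1    systemd  mnt:[4026531840] pid:[4026531836] net:[4026531992] uts:[4026531838] ipc:[4026531839] user:[4026531837]
812  sshd     mnt:[4026531840] pid:[4026531836] net:[4026531992] uts:[4026531838] ipc:[4026531839] user:[4026531837]
2210 nginx    mnt:[4026532571] pid:[4026532574] net:[4026532577] uts:[4026532572] ipc:[4026532573] user:[4026531837]
2388 exporter mnt:[4026532630] pid:[4026532633] net:[4026531992] uts:[4026532631] ipc:[4026532632] user:[4026531837]
"""

NS_RE = re.compile(r"(\w+):\[(\d+)\]")

def parse_snapshot(text):
    """Return {pid: (comm, {ns_type: inode})} from the snapshot text."""
    procs = {}
    for line in text.splitlines():
        pid, comm, rest = line.split(None, 2)
        procs[int(pid)] = (comm, {t: int(i) for t, i in NS_RE.findall(rest)})
    return procs

def shared_with_host(procs, host_pid=1):
    """For each other process, list the namespace types it shares with host_pid."""
    host_ns = procs[host_pid][1]
    return {pid: sorted(t for t, ino in ns.items() if host_ns.get(t) == ino)
            for pid, (_comm, ns) in procs.items() if pid != host_pid}

def classify(shared, all_types):
    """Label a process by how much of the host's view it still shares."""
    if set(shared) == set(all_types):
        return "host process"
    # A shared user namespace alone is common: without user-namespace
    # remapping, uid 0 in the container is uid 0 on the host.
    if set(shared) <= {"user"}:
        return "container"
    return "container sharing host " + ",".join(s for s in shared if s != "user")

if __name__ == "__main__":
    procs = parse_snapshot(SNAPSHOT)
    types = procs[1][1].keys()
    for pid, shared in shared_with_host(procs).items():
        print(pid, procs[pid][0], classify(shared, types), "| shared:", shared)
```

Every process in the snapshot, containerised or not, still runs on the same kernel, which is the trade-off the slides set against the hypervisor model.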
Feature Comparison

Feature                  Hypervisor   Container
Multiple Kernels                      X
Load Arbitrary Modules                X
Local Administration                  All
Live Migration                        OpenVZ
Live System Update       X            Zap
Agenda
• Introduction to Virtualization
• Implementations of Virtualization
• OS based Virtualization: Xen
• Containers: Docker
Xen 3.0 Guest VM
• Driver Domain
• Map Virtual Devices
• CFQ for disk
• HTB for network
Xen 3.0 Guest VM
Security Isolation
• Hypervisor
• Access Physical Level
• PCI Address
• Virtual Memory
Resource Control
• Hypervisor
• Allocate Resources
• Schedule VMs
Agenda
• Introduction to Virtualization
• Implementations of Virtualization
• OS based Virtualization: Xen
• Containers: Docker
Overview
• “Docker containers wrap up a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything you can install on a server. This guarantees that the software will always run the same, regardless of its environment it is running in.” (Docker Inc., n.d.)
Overview
• Docker automates the deployment of applications inside software containers
• Additional layer of abstraction and automation of operating system–level virtualization on Linux.
History of Docker
• Solomon Hykes started Docker in France as an internal project within dotCloud, a platform-as-a-service company
• Docker was released as open source on 13 March 2013
• libcontainer library written in the Go programming language.
• Latest version 1.11.2 (31 May 2016)
• Docker team, Red Hat, IBM, Google, Cisco Systems and Amadeus IT Group.
Basics of Docker
[Figure: Component A’s Docker File in the Source Code Repository; Docker Engine on the Developer Linux Host with Container A; Docker Container Image Registry; Docker on the Destination Linux Host with Containers A, B and C; arrows labelled Build, Push, Search, Pull, Run]