KVM virtualization
1. Relevant overview
- Virtualization technology: virtualize a computer into multiple logical computers through virtualization technology, allowing multiple logical computers on one computer at the same time
- At the same time, each logical computer can run different operating systems, and application programs can run in mutually independent spaces without affecting each other, thereby improving the work efficiency of the computer
2. Introduction to KVM
* KVM (Kernel-based Vritual Machine)——基于内核的虚拟机
* KVM是基于虚拟化打展的X86硬件的开源Linux原生的全虚拟化方案(要求cpu支持Intel-VT-x或AMD-V)
* KVM内嵌于内核模块中,模拟处理器和内存以支持虚拟机运行
* 虚拟机被实现为常规的Linux进程,由标准Linux调度程序进行调度;
* 虚拟机的每个虚拟CPU被实现为一个常规的Linux进程。这使得KMV能够使用Linux内核的已有功能
* 但KVM本身不执行任何模拟。需要客户空间程序(虚拟机)通过/dev/kvm (此虚拟设备需要开起硬件辅助虚拟化才能看到)接口设置一个客户机虚拟服务器的地址 空间,
* 并且由Qemu模拟/O (ioctl) 进行调度资源和维护管理
* Libvit: KVM的管理工具,除了可以管理KVM这类VMM,还可以管理Xen, VirtualBox, 甚至OpenStack底层
* Libvirt包含3个组件:后台daemon程序libvirtd. API库、 命令行I具virsh
KVM virtualization architecture and three modes
-
Guest mode (guestOS): The OS in the VM is GuestOS
-
The mode in which the client runs in the operating system. The client is divided into kernel mode and user mode
-
User mode: Provide users with user space tools for virtual machine management and perform I/O on behalf of users. Qemu works in this mode (the main function of Qemu)
-
Linux kernel mode: Simulate CPU and memory, realize the switch of client mode, deal with the introduction of client mode, KVM is running in this mode, and the principle of
KVM -
Guest: The guest system, including the CPU (vCPU), memory, and drivers (Console, network card, I/O device driver, etc.)
are run in a restricted CPU mode by KVM.
The KVM kernel module simulates the processor and memory to support virtual machine operation.
Qemu mainly handles I/O and provides customers with a user space /dev/kvm tool libvirt for virtual machine management
ioctl (definition) system calls dedicated to device input and output operations
libvirt: KVM management tool The
above constitutes a complete virtualization platform
可以简单理解为:
KVM驱动提供处理器、内存的虚拟化,以及客户机I/O的拦截,guest的I/O被拦截后,交由Qemu处理
Qemu利用接口libkvm调用(ioctl)虚拟机设备接口/dev/kvm来分配资源、管理、维护虚拟机
KVM workflow
用户模式的Qemu利用接口libkvm 通过 ioctl系统调用进入内核模式。KVM驱动为虚拟机创建虚拟CPU和虚拟内存,然后执行VMLAU-NCH指令进入客户模式,装载Guest OS并运行。Guest OS运行过程中如果发生异常,则暂停Guest OS的运行并保存当前状态同时退出到内核模式来处理这些异常。
内核模式处理这些异常时如果不需要V/O则处理完成后重新进入客户模式。如果需要V/O则进入到用户模式,则由Qemu来处理I/O,处理完成后进入内核模式,再进入客户模式
3. Development of virtualization technology
1961年,IBM709机器实现了分时系统,将CPU占用切分为多个极短的时间片(1/100sec)每一个时间片执行不同的工作,通过对这些时间片进行轮询从而将一个CPU伪装成多个CPU
1972年,IBM正式将system370机分时系统命名为虚拟机
1990年,IBM推出的system390机支持逻辑分区(将一个CPU分为多份,相互独立,也就是逻辑分割)
Xen 2003年问世,是一个外部的hypervisor/VMM程序(虚拟机管理程序),能够控制宿主机和给多个客户机分配资源
KVM:2007年问世,现已内置在kernel内核中的
Xen 支持的虚拟化技术:全虚拟化,半虚拟化
KVM支持的虚拟机化技术:全虚拟化
Four, the three types of virtualization
- Full virtualization: All physical hardware resources are abstracted through software, and finally called
- Method of use: Using hypervisor (VMM) software, the principle is to establish an abstraction layer between the underlying hardware and the server, and the core-based virtual machine is an open source hypervisor (VMM) for Linux systems that can capture CPU instructions. Act as an intermediary for instructions to access hardware controllers and peripherals.
- Paravirtualization: need to modify the operating system
- Pass-through: use physical hardware resources directly (need support, not perfect yet)
Five, the advantages of virtualization
- Centralized management (remote management, maintenance)
- Improve hardware utilization (low utilization of physical resources such as peak value, virtualization solves "idle" capacity)
- Dynamically adjust the machine/resource configuration (virtualization separates the application and service hardware of the system and improves flexibility)
- High reliability (additional functions and solutions can be deployed to improve application environments such as transparent load balancing, migration, and recovery replication)
Sixth, the disadvantages of virtualization
- High upfront cost (initial hardware support)
- Reduce hardware utilization (in certain scenarios-for example, applications that are extremely resource-hungry are not necessarily suitable for virtualization)
- Larger error impact area (the local physical machine down may cause the virtual machine to be unavailable, and at the same time, all the files in the virtual machine may be damaged)
- Complex implementation configuration and complicated management (difficulty in operation and maintenance and troubleshooting of management personnel)
- Certain restrictions (virtualization technology involves various restrictions and must be used in conjunction with servers, applications and vendors that support/compatible virtualization)
- Security (the security risks of virtualization technology itself)