Why use KVM?

• Technical definition of KVM

“Kvm, the kernel-based Virtual machine, is modern hypervisor technology integrated directly into the Linux kernel. In short, it allows a Linux kernel running on bare metal to act directly as the hypervisor itself.”

• Contrast KVM to Xen

---

1. Kvm tightly integrates the hypervisor as part of the host operating system, making a single component. Xen is a more complex design, with two privileged components that are loosely integrated at best, the xen hypervisor and Dom0 host, both of which need to function for the node to function.
2. The kvm project was started by Qumranet (now part of Red Hat) in October 2006: it was ready to be submitted to the upstream kernel developers by December 2006 and was accepted in the 2.6.20 kernel one month later, adding about 40000 lines of code to Linux kernels and kernel features as they are developed.
3. One example of how this integration helps is in power management. This is a hard area to implement in operating systems; in KVM, a small amount of glue code allowed the hypervisor to be tied into automatic frequency scaling and suspend/resume support with running virtual machines with a small amount of glue code KVM also inherits real-time and SELinux features from the kernel, as another example.
4. The main limitation of KVM compared to xen is that is does not support full guest paravirtualization; KVM requires modern processors with support for native virtualization. However, KVM does support paravirtualized devices which can be used to speed up disk or network I/O if the guest operating system has appropriate device drivers installed and configured. As with xen sufficient physical RAM and disk space for each guest must be provided.
5. KVM and Memory management :-- One nice thing about KVM memory management is that the “physical” memory seen by the guest operating system in its virtual machine is just a chunk of virtual memory allocated to a qemu-kvm process on the host. The host

[ Read More ]

Supported X86 hardware for Advanced Virtualization

Additional technologies continue to be developed to enhance x86 native virtualization performance.

Generation 2: MMU virtualization

• Manage mapping of Vm memory to host memory in hardware (“nested page tables”)
• Intel EPT / AMD RVI

Generation 3: I/O virtualization.

• Secure PCI pass-through: assign PCI devices directly to virtual machines ( Intel VT-d, AMD IOMMU).
• SR-IOV: Allow special PCI devices to be split into multiple virtual devices passed through to VMs.

“The enabling technology on the motherboard chipset is secure PCI pass-through; this allows physical PCI devices to be directly attached to virtual machines without exposing the hypervisor or other virtual machines to attacks through direct memory transfers or PCI bus snooping. This can deliver near-native I/O performance for virtual machines. On intel, this is called VT-d; on AMD, this is called IOMMU”

[ Read More ]

What is native virtualization

Virtualization is faster than emulation.

• Most code directly executes as native CPU instructions without changes (low over head)
• “Sensitive” instructions must be intercepted and handled by the hypervisor.

Ideally, processor architecture supports native virtualization

• This means all sensitive instructions used by a virtual machine can be intercepted and handled by the hypervisor on that architecture.
• This allows Operating System to be run in a virtual machine without modification.

Early x86 processors did not support native virtualization.

[ Read More ]

What is Paravirtualization

“Paravirtualization is a technique where the hypervisor provides the guest operating system with special interfaces so that it can communicate more efficiently with the hypervisor.”
A technique which allows guest operating systems to work with the hypervisor.

• Requires modifications to the operating system and/or special drivers which are hypervisor-aware.
• Also called cooperative virtualization.

Can be used to support guests running modified operating systems on machines without native virtualization support (Xen).

Can be used to improve performance of unmodified operating systems on machines with native virtualization support (Kvm and Xen).

[ Read More ]

Technical defination of Virtualization Terminology

Virtualization
"Virtualization divids a computer into multiple execution environments running separate operating system."
" Virtualization is a process that breaks the hard connection between the physical hardware and the operating system and applications running on it.After being virtualized in a vSphere virtual machine, the operating system and applications are no longer constrained by the limits imposed by residing on a single physical machine. Virtual equivalents of physical elements such as switches and storage operate within a virtual infrastructure that can span the enterprise."
"System virtualization allows a single computer to be partitioned or divided into multiple virtual computers which may each run its own operating system simultaneously.These virtual machines are isolated from each other . From the perspective of each operating system, it is running on its own private hardware. They may have their own network interfaces and IP addresses, file system and other peripherals. Different virtual machiness need not run the same operating system or version of the operating system"
Hypervisor
"A hypervisor is the software that manages and supports the virtualization environment."
It runs the virtual machines for each virtualized operating system, providing access to virtual CPUs, memory, disks, networking and other peripherals while restricting the virtual machines from having direct access to the real hardware and each other. The physical machine or operating system providing the hypervisor is called the HOST.

[ Read More ]