SlideShare uma empresa Scribd logo

Cloud Computing Virtualization and Containers Guide

Selvaraj Kesavan
Selvaraj Kesavan

Virtualization and docker concepts

Tecnologia
1 de 33
Baixar para ler offline
CLOUD COMPUTING- VIRTUALIZATION AND CONTAINERS Dr.Selvaraj Kesavan
Contents - Virtualization 2  Virtualization  Types of Virtualization and Advantages  x86 Hardware Virtualizations  Virtualization Issues  Dockers
Cloud Computing - Enablers 3  Virtualization  Web 2.0 and social networking  Web Scaling  Hardware costs  Evolution of high speed communication technologies
Virtualization 4  A virtual machine (VM) is a software implementation of a machine (for example, a computer) that executes programs like a physical machine  Each VM is fully protected and isolated copy of physical machine. It is used to share the expensive hardware which helped to reduce costs and also helped to improve the productivity as many users can concurrently used the same hardware Cloud Resource Virtualization  System security, as it allows isolation of services running on the same hardware.  Performance and reliability, as it allows applications to migrate from one platform to another.  The development and management of services offered by a provider.  Performance isolation
Virtualization 5 • Traditional environment • 50 applications, DB’s require multiple machines based on Architecture /platform • High infrastructure and hardware cost • Increasing complexity and High maintenance • Multiple development environment • Virtualization • Isolation & encapsulation • Scalability • Containers • software technology providing additional layer of abstraction and over OS virtualization. • Build once and deploy many times.
Virtualization Interfaces 6 Instruction Set Architecture (ISA)  Boundary between hardware and software. Application Binary Interface (ABI)  regulates the inter-operation of binary code and development tools in architecture-based execution environments  objects produced by the toolchain can work together with object libraries from different producers  Application and the library modules to access the hardware;  ABI does not include privileged system instructions, instead it invokes system calls. Application Program Interface (API)  Set of instructions the hardware was designed to execute and gives the application access to the ISA;  Includes HLL library calls which often invoke system calls.
Virtualization 7  Application Programming Interface, Application Binary Interface, and Instruction Set Architecture .  An application uses library functions (A1), makes system calls (A2), and executes machine instructions (A3).
Virtualization - Types 8 • Hardware Virtualization (system Virtualization) • Guest running on the top of hardware • Guest - operating system, Host -Physical computer hardware • Virtual machine Manager(Hypervisor) allows the abstraction of the underlying physical hardware • It is program or a combination of software and hardware • Provides direct ISA mapping to Virtual machines • Type 1 (bare metal) and Type 2 (on OS) Hypervisor • Hardware Assisted (Xen,VMWare) Full and Paravirtualization (Xen,VMWare, Wind River). • OS Virtualization (Process Virtualization) • Create different and separated execution environments for applications concurrently. • OS kernel allows for multiple isolated user space instances. • Directly use OS calls without emulation • Ex: Containers, • Key building block in IaaS • Programming language-level virtualization
Virtualization – Classification (Based on Usage) 9 • Server virtualization • Abstracts the physical machine on which the software and operating system is running on and provides an illusion that the software is running on a virtual machine. • Enables Infrastructure as a service model. • VMware, Microsoft Hyper-V, Red Hat KVM and Citrix Xen • Storage virtualization • Uses virtualization to enable better functionality and more advanced features in computer data storage systems. • It can be defined as technique to abstract physical storage system from user’s application and presented as logical entities hiding the complexities of accessing them. • It enables Storage as a service model. • RAID array can sometimes be considered a type of storage virtualization. Multiple physical disks in the array are presented to the user as a single storage device that, in the background, replicates data to multiple disks in case of a single disk failure
Virtualization – Classification (Based on Usage) 10 • Need for Server virtualization • In the case of server consolidation, many small physical servers are replaced by one larger physical server to increase the utilization of costly hardware resources such as CPU. • Consolidating servers can also have the added benefit of reducing energy consumption. • A virtual machine can be more easily controlled and inspected from outside than a physical one, and its configuration is more flexible. • A new virtual machine can be provisioned as needed without the need for an up-front hardware purchase. • A virtual machine can easily be relocated from one physical machine to another as needed. • Need for Storage virtualization  Manage heterogeneous storage environments
Elements of Hardware (System)Virtualization 11 • Guest OS • Software installed on either a virtual machine (VM) or partitioned disk that describes an operating system that is different than the host operating system • Virtual Machine Monitor (VMM) or hypervisor • Hypervisor is an efficient Virtual Machine Manager (VMM) that is designed from the ground up to run multiple high performant VMs • Host OS • Software installed on a computer that interacts with the underlying hardware and is usually used to describe an operating system used in a virtualized server
Virtual Machine Monitor (VMM) or Hypervisor 12 • Multiple services to share the same platform. • Live migration - the movement of a server from one platform to another. • System modification while maintaining backward compatibility with the original system. • Enforces isolation among the systems, thus security. • Traps the privileged instructions executed by a guest OS and enforces the correctness and safety of the operation. • Traps interrupts and dispatches them to the individual guest operating systems. • Controls the virtual memory management • Maintains a shadow page table for each guest OS and replicates any modification made by the guest OS in its own shadow page table. • This shadow page table points to the actual page frame and it is used by the Memory Management Unit (MMU) for dynamic address translation. • Monitors the system performance and takes corrective actions to avoid performance degradation. For example, the VMM may swap out a Virtual Machine to avoid thrashing.
Virtual Machine Monitor (VMM) or Hypervisor 13 • Partitioning Kernel ▪ “Partition” is isolation boundary ▪ Few virtualization functions; relies on virtualization stack • Very thin layer of software ▪ Microkernel ▪ Highly reliable ▪ Basis for smaller Trusted Computing Base (TCB) • No device drivers ▪ Drivers run in a partition • Well-defined interface ▪ Allow others to create support for their OSes as guests
Virtual Machine Monitor (VMM) or Hypervisor 14 Monolithic and Microkernel hypervisor:  Single kernel  Simple kernel with partitioning functionality
Virtual Machine Monitor (VMM) or Hypervisor 15 Basic Functionalities of Hypervisors  CPU sharing –  virtual view of CPU to VMs (vCPU)  VMM or Hypervisor allots CPU to different VMs  Share Memory  Application access memory via Kernel and Hypervisor  Virtual Machines two level of indirection maintained by VMM  I/O Share  Guest kernel to convey an arbitrary location to device for writing  Each device defines its own protocol for talking to drivers  virtual device is substituted for its physical equivalent
Types of Hypervisors 16  Native hypervisor (Bare metal)  Native hypervisor run directly on top of physical hardware providing the features like IO etc required by the applications.  Hosted hypervisor  Hosted hypervisors runs on top of operating system and uses features of operating system.  Hosted hypervisors run on top of an existing OS and leverage the features of the underlying OS.  Virtual machines run on top of the hosted hypervisor, which runs on top of an existing OS.  Hybrid hypervisor.  Hybrid hypervisors runs directly on top of hardware and uses features of operating system.
Native hypervisor (Bare metal) 17 Native Hypervisor Hosted Hypervisor Hybrid Hypervisor
Techniques for Hypervisors- Full and Para Virtualization 18  Full virtualization  Guest OS can run unchanged under the VMM as if it was running directly on the hardware platform.  Hypervisor provides complete abstraction, and the guest OSes don't know -- or care -- about the presence of a hypervisor.  VM manager to translate back and forth between physical and virtual resources, like CPUs and memory spaces  Requires a virtualizable architecture.  Examples: Vmware.  Paravirtualization  Guest operating system is modified to use only instructions that can be virtualized.  allowing an OS to actually recognize the presence of a hypervisor and communicate directly with that hypervisor to share activity that would otherwise be complex and time-consuming for the hypervisor's VM manager to handle  Guest VM OSes must be modified or adapted to implement an API capable of exchanging hypercalls with the paravirtualization hypervisor  Reasons for paravirtualization:  Some aspects of the hardware cannot be virtualized.  Improved performance.
Techniques for Hypervisors 19 Trap and emulate virtualization  When CPU is running in user mode, some internal or external events, which need to be handled in kernel mode, take place.  Then CPU will jump to hardware exception handler vector, and execute system operations in kernel mode. Ex: System Call  Invoked by application in user mode.  For example, application ask OS for system IO. Hardware Interrupts  Invoked by some hardware events in any mode.  For example, hardware clock timer trigger event. Exception  Invoked when unexpected error or system malfunction occur.  For example, execute privilege instructions in user mode.
Techniques for Hypervisors 20 To make CPU virtualization to be efficient  We should make guest binaries run on CPU as fast as possible.  Theoretically, run all guest binaries natively, there will NO overhead at all.  But we cannot let guest OS handle everything, VMM should be able to control all hardware resources. Solution : Ring Compression  Shift traditional OS from kernel mode(Ring 0) to user mode(Ring 1), and run VMM in kernel mode.  Then VMM will be able to intercept all trapping event.
Techniques for Hypervisors 21  Guests continue execution until they try to access a shared physical resource of the hardware (such as an I/O device), or an interrupt is received.  When this happens, the hypervisor regains control and mediates access to the hardware, or handles the interrupt  privilege level or protection ring  x86 privilege levels, the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do  0 (most privileged) to 3 (least privileged)  All user code runs in ring 3 and all kernel code runs in ring 0  If the guest tries to access a protected resource, such as an I/O device, an interrupt takes place, and the hypervisor regains control. The hypervisor then emulates the I/O operation for the guest.
22 Trap and Emulate Model  Let normal instructions of guest OS run directly on processor in user mode.  When executing privileged instructions, hardware will make processor trap into the VMM.  The VMM emulates the effect of the privileged instructions for the guest OS and return to guest.
23 Trap and Emulate Model • VMM and Guest OS :  System Call • CPU will trap to interrupt handler vector of VMM. • VMM jump back into guest OS.  Hardware Interrupt • Hardware make CPU trap to interrupt handler of VMM. • VMM jump to corresponding interrupt handler of guest OS.  Privilege Instruction • Running privilege instructions in guest OS will be trapped to VMM for instruction emulation. • After emulation, VMM jump back to guest OS.
24 Trap and Emulate Model  Limitations:  Some amount of performance overhead incurred due to this technique  Not all architectures are suitable for implementing trap and emulate virtualization.  Some commands executed in privilege mode to non privilege mode using the classical trap and emulate technique will not serve the purpose  Binary translation  Hypervisor includes a binary translator which replaces the sensitive instructions by equivalent non-sensitive instructions at run-time, and leaves non-sensitive instructions unchanged  Paravirtualization:  The guest is modified (re-written) not to use the sensitive instruction, but to directly invoke hypervisor APIs
Hardware Support for Virtualization 25  Intel and AMD created new processor extensions to support virtualization in the hardware  VT-x, an Intel technology that helps virtualize Intel x86 processors  Extended Page Tables (EPT) which helps virtualize memory  VT-d, a technology to assist in the virtualization of I/O  VMX root operation and VMX non-root operation  Hypervisors are intended to execute in VMX root operation, which is almost identical to normal execution in earlier x86 processors without VT-x.  Guests execute in VMX non-root operation, which has been defined to help support virtualization.
Virtualization- Advantages 26 • Multiple OS environments can co-exist on the same primary hard drive. Regardless of the system, all files are stored on the hard drive of the host OS. • Application provisioning, maintenance, high availability and disaster recovery are inherent in the virtual machine software selected. • Can provide emulated hardware environments different from the host's instruction set architecture (ISA), through emulation or by using just-in-time compilation.
Virtualization- Limitations 27 • A virtual machine is less efficient than an actual machine when it accesses the host hard drive indirectly. • When multiple VMs are concurrently running on the hard drive of the actual host, adjunct virtual machines may exhibit a varying and/or unstable performance (speed of execution and malware protection). This depends on the data load imposed on the system by other VMs, unless the selected VM software provides temporal isolation among virtual machines. • Malware protections for VMs are not necessarily compatible with the "host", and may require separate software.
Container 28 • Containers and VMs • To isolate an application and its dependencies into a self-contained unit that can run anywhere • Remove the need for physical hardware, allowing for more efficient use of computing resources, both in terms of energy consumption and cost effectiveness. • Containers • virtualize at the operating system level, with multiple containers running atop the OS kernel directly • container provides operating-system-level virtualization by abstracting the “user space” • ability to create predictable environments that are isolated from other applications • run virtually anywhere, greatly easing development and deployment • virtualize CPU, memory, storage, and network resources at the OS-level, providing developers with a sandboxed view of the OS logically isolated from other applications. • Ex: Docker, LXC, Kubernetes, FreeBSD Jails etc..
Docker 29 • Provide a uniformed wrapper around a software package • Build, Ship and Run Any App, Anywhere • Virtualization of application instead of hardware • Runs on top of the core OS (Linux or Windows) • Doesn’t require dedicated CPU, Memory, Network —managed by core OS • Similar to shipping containers: The container is always the same, regardless of the contents and thus fits on all trucks, cranes, ships • Docker • Containerization platform that packages your application and all its dependencies together in the form of a docker container to ensure that your application works seamlessly in any environment • Docker Container • Standardized unit which can be created on the fly to deploy a particular application or environment  Docker Engine • Docker application that is installed on your host machine. It works like a client-server application which uses [www.docker.com]
Docker 30 • Docker Image • Template which is used to create Docker Containers. They are the building blocks of a Docker Container • Docker Registry • Docker Images are stored. The Registry can be either a user’s local repository or a public repository like a Docker Hub • Docker Architecture  Docker client - trigger Docker commands,  Docker Host – running the Docker Daemon  Docker Registry – storing Docker Images.  The Docker Daemon running within Docker Host is responsible for the images and containers
Docker Vs VM 31  Virtual Machines are slow and take a lot of time to boot.  Containers are fast and boots quickly as it uses host operating system and shares the relevant libraries.  Containers do not waste or block host resources unlike virtual machines.  Containers have isolated libraries and binaries specific to the application they are running.  Containers are handled by Containerization engine.  Docker is one of the containerization platforms which can be used to create and run containers  Consistent runtime environment, Application sandboxing, low overhead, occupies less disk size and resource saving
Summary 32  Virtualization – System and Process  VMM or Hypervisor  Guest OS and Host OS  API,ABI and ISA  Trap and Emulate, Binary Translation, Full, Paravirtualization  Docker Container
Thank You 33

Recomendados

Internet of things
Internet of thingsInternet of things
Internet of thingsSelvaraj Kesavan
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewSelvaraj Kesavan
 
Quiz 1 cloud computing
Quiz 1 cloud computing Quiz 1 cloud computing
Quiz 1 cloud computing Lahore Garrison University
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centersbega karadza
 
Why Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformWhy Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformNet at Work
 
Platform as a Service
Platform as a ServicePlatform as a Service
Platform as a ServiceAshok Kumar
 
Understanding the cloud computing stack
Understanding the cloud computing stackUnderstanding the cloud computing stack
Understanding the cloud computing stackSatish Chavan
 
Virtual machine security
Virtual machine securityVirtual machine security
Virtual machine securityJacob Zvirikuzhe
 

Recomendados

Internet of things
Internet of thingsInternet of things
Internet of thingsSelvaraj Kesavan
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewSelvaraj Kesavan
 
Quiz 1 cloud computing
Quiz 1 cloud computing Quiz 1 cloud computing
Quiz 1 cloud computing Lahore Garrison University
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centersbega karadza
 
Why Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformWhy Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformNet at Work
 
Platform as a Service
Platform as a ServicePlatform as a Service
Platform as a ServiceAshok Kumar
 
Understanding the cloud computing stack
Understanding the cloud computing stackUnderstanding the cloud computing stack
Understanding the cloud computing stackSatish Chavan
 
Virtual machine security
Virtual machine securityVirtual machine security
Virtual machine securityJacob Zvirikuzhe
 
Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesAditi Shrivastava
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computingNitish Awasthi (anitish_225)
 
Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 E B
 
Virtualization
VirtualizationVirtualization
VirtualizationKingston Smiler
 
Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)johndorian555
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud ComputingJosh Folgado
 
Microsoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMicrosoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMd Yousup Faruqu
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
IntroductorytocomputingAnne Starr
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar reportSKS
 
Cloud
CloudCloud
CloudBastin Rogers
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization SecurityRubal Sagwal
 
Virtualization and how it leads to cloud
Virtualization and how it leads to cloudVirtualization and how it leads to cloud
Virtualization and how it leads to cloudHuzefa Husain
 
Virtualization Security Risks
Virtualization Security RisksVirtualization Security Risks
Virtualization Security RisksTommy Tracx Xaypanya
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingVipin Batra
 
Cloud presentation NELA
Cloud presentation NELACloud presentation NELA
Cloud presentation NELAEdward Iglesias
 
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET Journal
 
Virtualization
VirtualizationVirtualization
VirtualizationSrisailam Reddy Kanapuram
 
Private Compute-as-a-Service
Private Compute-as-a-ServicePrivate Compute-as-a-Service
Private Compute-as-a-ServiceKeao Caindec
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hostingtechzimslides
 
Cloud computing
Cloud computingCloud computing
Cloud computingSriharsha Koritala
 
Virtualization and cloud Computing
Virtualization and cloud ComputingVirtualization and cloud Computing
Virtualization and cloud ComputingRishikese MR
 
Virtualization in Cloud Computing
Virtualization in Cloud ComputingVirtualization in Cloud Computing
Virtualization in Cloud ComputingPyingkodi Maran
 

Mais conteúdo relacionado

Mais procurados

Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesAditi Shrivastava
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computingNitish Awasthi (anitish_225)
 
Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 E B
 
Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)johndorian555
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud ComputingJosh Folgado
 
Microsoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMicrosoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMd Yousup Faruqu
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
IntroductorytocomputingAnne Starr
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar reportSKS
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization SecurityRubal Sagwal
 
Virtualization and how it leads to cloud
Virtualization and how it leads to cloudVirtualization and how it leads to cloud
Virtualization and how it leads to cloudHuzefa Husain
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingVipin Batra
 
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET Journal
 
Private Compute-as-a-Service
Private Compute-as-a-ServicePrivate Compute-as-a-Service
Private Compute-as-a-ServiceKeao Caindec
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hostingtechzimslides
 

Mais procurados (20)

Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization services
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computing
 
Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud Computing
 
Microsoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMicrosoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private Cloud
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
Introductorytocomputing
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar report
 
Cloud
CloudCloud
Cloud
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization Security
 
Virtualization and how it leads to cloud
Virtualization and how it leads to cloudVirtualization and how it leads to cloud
Virtualization and how it leads to cloud
 
Virtualization Security Risks
Virtualization Security RisksVirtualization Security Risks
Virtualization Security Risks
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Cloud presentation NELA
Cloud presentation NELACloud presentation NELA
Cloud presentation NELA
 
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Private Compute-as-a-Service
Private Compute-as-a-ServicePrivate Compute-as-a-Service
Private Compute-as-a-Service
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hosting
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Semelhante a Cloud Computing Virtualization and Containers Guide

Virtualization and cloud Computing
Virtualization and cloud ComputingVirtualization and cloud Computing
Virtualization and cloud ComputingRishikese MR
 
Virtualization in Cloud Computing
Virtualization in Cloud ComputingVirtualization in Cloud Computing
Virtualization in Cloud ComputingPyingkodi Maran
 
Unit 3 Virtualization.pdf
Unit 3 Virtualization.pdfUnit 3 Virtualization.pdf
Unit 3 Virtualization.pdfPrachiKurhade3
 
Cloud Computing using virtulization
Cloud Computing using virtulizationCloud Computing using virtulization
Cloud Computing using virtulizationAJIT NEGI
 
Virtualization unit 3.pptx
Virtualization unit 3.pptxVirtualization unit 3.pptx
Virtualization unit 3.pptxBinod Rimal
 
Chap 2 virtulizatin
Chap 2 virtulizatinChap 2 virtulizatin
Chap 2 virtulizatinRaj Sarode
 
Lecture5 virtualization
Lecture5 virtualizationLecture5 virtualization
Lecture5 virtualizationhktripathy
 
lecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptxlecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptxAnilkumarbehera16
 
Unit-3-Virtualization.pptx
Unit-3-Virtualization.pptxUnit-3-Virtualization.pptx
Unit-3-Virtualization.pptxSupriyaPeerapur
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfkhan593595
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfkhan593595
 
Virtualization.pptx
Virtualization.pptxVirtualization.pptx
Virtualization.pptxSenthil Vit
 
Virtualization
VirtualizationVirtualization
Virtualizationvishnurk
 
A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2Krishna Kumar Singh
 
6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptx6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptxAnsarHasas1
 

Semelhante a Cloud Computing Virtualization and Containers Guide (20)

Virtualization and cloud Computing
Virtualization and cloud ComputingVirtualization and cloud Computing
Virtualization and cloud Computing
 
Virtualization in Cloud Computing
Virtualization in Cloud ComputingVirtualization in Cloud Computing
Virtualization in Cloud Computing
 
Unit 3 Virtualization.pdf
Unit 3 Virtualization.pdfUnit 3 Virtualization.pdf
Unit 3 Virtualization.pdf
 
Cloud Computing using virtulization
Cloud Computing using virtulizationCloud Computing using virtulization
Cloud Computing using virtulization
 
Virtualization unit 3.pptx
Virtualization unit 3.pptxVirtualization unit 3.pptx
Virtualization unit 3.pptx
 
Chap 2 virtulizatin
Chap 2 virtulizatinChap 2 virtulizatin
Chap 2 virtulizatin
 
Lecture5 virtualization
Lecture5 virtualizationLecture5 virtualization
Lecture5 virtualization
 
Live VM Migration
Live VM MigrationLive VM Migration
Live VM Migration
 
lecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptxlecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptx
 
Unit-3-Virtualization.pptx
Unit-3-Virtualization.pptxUnit-3-Virtualization.pptx
Unit-3-Virtualization.pptx
 
1 (3).pptx
1 (3).pptx1 (3).pptx
1 (3).pptx
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdf
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdf
 
Virtualization.pptx
Virtualization.pptxVirtualization.pptx
Virtualization.pptx
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Virtualizaiton-3.pptx
Virtualizaiton-3.pptxVirtualizaiton-3.pptx
Virtualizaiton-3.pptx
 
Virtualization
VirtualizationVirtualization
Virtualization
 
A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2
 
1 virtualization
1 virtualization1 virtualization
1 virtualization
 
6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptx6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptx
 

Mais de Selvaraj Kesavan

Role of cloud and analytics in IoT
Role of cloud and analytics in IoTRole of cloud and analytics in IoT
Role of cloud and analytics in IoTSelvaraj Kesavan
 
Cloud computing aws -key services
Cloud computing aws -key servicesCloud computing aws -key services
Cloud computing aws -key servicesSelvaraj Kesavan
 

Mais de Selvaraj Kesavan (6)

Analytics&IoT
Analytics&IoTAnalytics&IoT
Analytics&IoT
 
Role of cloud and analytics in IoT
Role of cloud and analytics in IoTRole of cloud and analytics in IoT
Role of cloud and analytics in IoT
 
Cloud computing aws -key services
Cloud computing aws -key servicesCloud computing aws -key services
Cloud computing aws -key services
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Gstreamer internals
Gstreamer internalsGstreamer internals
Gstreamer internals
 
Multimedia streaming
Multimedia streamingMultimedia streaming
Multimedia streaming
 

Último

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Último (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Cloud Computing Virtualization and Containers Guide

  • 1. CLOUD COMPUTING- VIRTUALIZATION AND CONTAINERS Dr.Selvaraj Kesavan
  • 2. Contents - Virtualization 2  Virtualization  Types of Virtualization and Advantages  x86 Hardware Virtualizations  Virtualization Issues  Dockers
  • 3. Cloud Computing - Enablers 3  Virtualization  Web 2.0 and social networking  Web Scaling  Hardware costs  Evolution of high speed communication technologies
  • 4. Virtualization 4  A virtual machine (VM) is a software implementation of a machine (for example, a computer) that executes programs like a physical machine  Each VM is fully protected and isolated copy of physical machine. It is used to share the expensive hardware which helped to reduce costs and also helped to improve the productivity as many users can concurrently used the same hardware Cloud Resource Virtualization  System security, as it allows isolation of services running on the same hardware.  Performance and reliability, as it allows applications to migrate from one platform to another.  The development and management of services offered by a provider.  Performance isolation
  • 5. Virtualization 5 • Traditional environment • 50 applications, DB’s require multiple machines based on Architecture /platform • High infrastructure and hardware cost • Increasing complexity and High maintenance • Multiple development environment • Virtualization • Isolation & encapsulation • Scalability • Containers • software technology providing additional layer of abstraction and over OS virtualization. • Build once and deploy many times.
  • 6. Virtualization Interfaces 6 Instruction Set Architecture (ISA)  Boundary between hardware and software. Application Binary Interface (ABI)  regulates the inter-operation of binary code and development tools in architecture-based execution environments  objects produced by the toolchain can work together with object libraries from different producers  Application and the library modules to access the hardware;  ABI does not include privileged system instructions, instead it invokes system calls. Application Program Interface (API)  Set of instructions the hardware was designed to execute and gives the application access to the ISA;  Includes HLL library calls which often invoke system calls.
  • 7. Virtualization 7  Application Programming Interface, Application Binary Interface, and Instruction Set Architecture .  An application uses library functions (A1), makes system calls (A2), and executes machine instructions (A3).
  • 8. Virtualization - Types 8 • Hardware Virtualization (system Virtualization) • Guest running on the top of hardware • Guest - operating system, Host -Physical computer hardware • Virtual machine Manager(Hypervisor) allows the abstraction of the underlying physical hardware • It is program or a combination of software and hardware • Provides direct ISA mapping to Virtual machines • Type 1 (bare metal) and Type 2 (on OS) Hypervisor • Hardware Assisted (Xen,VMWare) Full and Paravirtualization (Xen,VMWare, Wind River). • OS Virtualization (Process Virtualization) • Create different and separated execution environments for applications concurrently. • OS kernel allows for multiple isolated user space instances. • Directly use OS calls without emulation • Ex: Containers, • Key building block in IaaS • Programming language-level virtualization
  • 9. Virtualization – Classification (Based on Usage) 9 • Server virtualization • Abstracts the physical machine on which the software and operating system is running on and provides an illusion that the software is running on a virtual machine. • Enables Infrastructure as a service model. • VMware, Microsoft Hyper-V, Red Hat KVM and Citrix Xen • Storage virtualization • Uses virtualization to enable better functionality and more advanced features in computer data storage systems. • It can be defined as technique to abstract physical storage system from user’s application and presented as logical entities hiding the complexities of accessing them. • It enables Storage as a service model. • RAID array can sometimes be considered a type of storage virtualization. Multiple physical disks in the array are presented to the user as a single storage device that, in the background, replicates data to multiple disks in case of a single disk failure
  • 10. Virtualization – Classification (Based on Usage) 10 • Need for Server virtualization • In the case of server consolidation, many small physical servers are replaced by one larger physical server to increase the utilization of costly hardware resources such as CPU. • Consolidating servers can also have the added benefit of reducing energy consumption. • A virtual machine can be more easily controlled and inspected from outside than a physical one, and its configuration is more flexible. • A new virtual machine can be provisioned as needed without the need for an up-front hardware purchase. • A virtual machine can easily be relocated from one physical machine to another as needed. • Need for Storage virtualization  Manage heterogeneous storage environments
  • 11. Elements of Hardware (System)Virtualization 11 • Guest OS • Software installed on either a virtual machine (VM) or partitioned disk that describes an operating system that is different than the host operating system • Virtual Machine Monitor (VMM) or hypervisor • Hypervisor is an efficient Virtual Machine Manager (VMM) that is designed from the ground up to run multiple high performant VMs • Host OS • Software installed on a computer that interacts with the underlying hardware and is usually used to describe an operating system used in a virtualized server
  • 12. Virtual Machine Monitor (VMM) or Hypervisor 12 • Multiple services to share the same platform. • Live migration - the movement of a server from one platform to another. • System modification while maintaining backward compatibility with the original system. • Enforces isolation among the systems, thus security. • Traps the privileged instructions executed by a guest OS and enforces the correctness and safety of the operation. • Traps interrupts and dispatches them to the individual guest operating systems. • Controls the virtual memory management • Maintains a shadow page table for each guest OS and replicates any modification made by the guest OS in its own shadow page table. • This shadow page table points to the actual page frame and it is used by the Memory Management Unit (MMU) for dynamic address translation. • Monitors the system performance and takes corrective actions to avoid performance degradation. For example, the VMM may swap out a Virtual Machine to avoid thrashing.
  • 13. Virtual Machine Monitor (VMM) or Hypervisor 13 • Partitioning Kernel ▪ “Partition” is isolation boundary ▪ Few virtualization functions; relies on virtualization stack • Very thin layer of software ▪ Microkernel ▪ Highly reliable ▪ Basis for smaller Trusted Computing Base (TCB) • No device drivers ▪ Drivers run in a partition • Well-defined interface ▪ Allow others to create support for their OSes as guests
  • 14. Virtual Machine Monitor (VMM) or Hypervisor 14 Monolithic and Microkernel hypervisor:  Single kernel  Simple kernel with partitioning functionality
  • 15. Virtual Machine Monitor (VMM) or Hypervisor 15 Basic Functionalities of Hypervisors  CPU sharing –  virtual view of CPU to VMs (vCPU)  VMM or Hypervisor allots CPU to different VMs  Share Memory  Application access memory via Kernel and Hypervisor  Virtual Machines two level of indirection maintained by VMM  I/O Share  Guest kernel to convey an arbitrary location to device for writing  Each device defines its own protocol for talking to drivers  virtual device is substituted for its physical equivalent
  • 16. Types of Hypervisors 16  Native hypervisor (Bare metal)  Native hypervisor run directly on top of physical hardware providing the features like IO etc required by the applications.  Hosted hypervisor  Hosted hypervisors runs on top of operating system and uses features of operating system.  Hosted hypervisors run on top of an existing OS and leverage the features of the underlying OS.  Virtual machines run on top of the hosted hypervisor, which runs on top of an existing OS.  Hybrid hypervisor.  Hybrid hypervisors runs directly on top of hardware and uses features of operating system.
  • 17. Native hypervisor (Bare metal) 17 Native Hypervisor Hosted Hypervisor Hybrid Hypervisor
  • 18. Techniques for Hypervisors- Full and Para Virtualization 18  Full virtualization  Guest OS can run unchanged under the VMM as if it was running directly on the hardware platform.  Hypervisor provides complete abstraction, and the guest OSes don't know -- or care -- about the presence of a hypervisor.  VM manager to translate back and forth between physical and virtual resources, like CPUs and memory spaces  Requires a virtualizable architecture.  Examples: Vmware.  Paravirtualization  Guest operating system is modified to use only instructions that can be virtualized.  allowing an OS to actually recognize the presence of a hypervisor and communicate directly with that hypervisor to share activity that would otherwise be complex and time-consuming for the hypervisor's VM manager to handle  Guest VM OSes must be modified or adapted to implement an API capable of exchanging hypercalls with the paravirtualization hypervisor  Reasons for paravirtualization:  Some aspects of the hardware cannot be virtualized.  Improved performance.
  • 19. Techniques for Hypervisors 19 Trap and emulate virtualization  When CPU is running in user mode, some internal or external events, which need to be handled in kernel mode, take place.  Then CPU will jump to hardware exception handler vector, and execute system operations in kernel mode. Ex: System Call  Invoked by application in user mode.  For example, application ask OS for system IO. Hardware Interrupts  Invoked by some hardware events in any mode.  For example, hardware clock timer trigger event. Exception  Invoked when unexpected error or system malfunction occur.  For example, execute privilege instructions in user mode.
  • 20. Techniques for Hypervisors 20 To make CPU virtualization to be efficient  We should make guest binaries run on CPU as fast as possible.  Theoretically, run all guest binaries natively, there will NO overhead at all.  But we cannot let guest OS handle everything, VMM should be able to control all hardware resources. Solution : Ring Compression  Shift traditional OS from kernel mode(Ring 0) to user mode(Ring 1), and run VMM in kernel mode.  Then VMM will be able to intercept all trapping event.
  • 21. Techniques for Hypervisors 21  Guests continue execution until they try to access a shared physical resource of the hardware (such as an I/O device), or an interrupt is received.  When this happens, the hypervisor regains control and mediates access to the hardware, or handles the interrupt  privilege level or protection ring  x86 privilege levels, the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do  0 (most privileged) to 3 (least privileged)  All user code runs in ring 3 and all kernel code runs in ring 0  If the guest tries to access a protected resource, such as an I/O device, an interrupt takes place, and the hypervisor regains control. The hypervisor then emulates the I/O operation for the guest.
  • 22. 22 Trap and Emulate Model  Let normal instructions of guest OS run directly on processor in user mode.  When executing privileged instructions, hardware will make processor trap into the VMM.  The VMM emulates the effect of the privileged instructions for the guest OS and return to guest.
  • 23. 23 Trap and Emulate Model • VMM and Guest OS :  System Call • CPU will trap to interrupt handler vector of VMM. • VMM jump back into guest OS.  Hardware Interrupt • Hardware make CPU trap to interrupt handler of VMM. • VMM jump to corresponding interrupt handler of guest OS.  Privilege Instruction • Running privilege instructions in guest OS will be trapped to VMM for instruction emulation. • After emulation, VMM jump back to guest OS.
  • 24. 24 Trap and Emulate Model  Limitations:  Some amount of performance overhead incurred due to this technique  Not all architectures are suitable for implementing trap and emulate virtualization.  Some commands executed in privilege mode to non privilege mode using the classical trap and emulate technique will not serve the purpose  Binary translation  Hypervisor includes a binary translator which replaces the sensitive instructions by equivalent non-sensitive instructions at run-time, and leaves non-sensitive instructions unchanged  Paravirtualization:  The guest is modified (re-written) not to use the sensitive instruction, but to directly invoke hypervisor APIs
  • 25. Hardware Support for Virtualization 25  Intel and AMD created new processor extensions to support virtualization in the hardware  VT-x, an Intel technology that helps virtualize Intel x86 processors  Extended Page Tables (EPT) which helps virtualize memory  VT-d, a technology to assist in the virtualization of I/O  VMX root operation and VMX non-root operation  Hypervisors are intended to execute in VMX root operation, which is almost identical to normal execution in earlier x86 processors without VT-x.  Guests execute in VMX non-root operation, which has been defined to help support virtualization.
  • 26. Virtualization- Advantages 26 • Multiple OS environments can co-exist on the same primary hard drive. Regardless of the system, all files are stored on the hard drive of the host OS. • Application provisioning, maintenance, high availability and disaster recovery are inherent in the virtual machine software selected. • Can provide emulated hardware environments different from the host's instruction set architecture (ISA), through emulation or by using just-in-time compilation.
  • 27. Virtualization- Limitations 27 • A virtual machine is less efficient than an actual machine when it accesses the host hard drive indirectly. • When multiple VMs are concurrently running on the hard drive of the actual host, adjunct virtual machines may exhibit a varying and/or unstable performance (speed of execution and malware protection). This depends on the data load imposed on the system by other VMs, unless the selected VM software provides temporal isolation among virtual machines. • Malware protections for VMs are not necessarily compatible with the "host", and may require separate software.
  • 28. Container 28 • Containers and VMs • To isolate an application and its dependencies into a self-contained unit that can run anywhere • Remove the need for physical hardware, allowing for more efficient use of computing resources, both in terms of energy consumption and cost effectiveness. • Containers • virtualize at the operating system level, with multiple containers running atop the OS kernel directly • container provides operating-system-level virtualization by abstracting the “user space” • ability to create predictable environments that are isolated from other applications • run virtually anywhere, greatly easing development and deployment • virtualize CPU, memory, storage, and network resources at the OS-level, providing developers with a sandboxed view of the OS logically isolated from other applications. • Ex: Docker, LXC, Kubernetes, FreeBSD Jails etc..
  • 29. Docker 29 • Provide a uniformed wrapper around a software package • Build, Ship and Run Any App, Anywhere • Virtualization of application instead of hardware • Runs on top of the core OS (Linux or Windows) • Doesn’t require dedicated CPU, Memory, Network —managed by core OS • Similar to shipping containers: The container is always the same, regardless of the contents and thus fits on all trucks, cranes, ships • Docker • Containerization platform that packages your application and all its dependencies together in the form of a docker container to ensure that your application works seamlessly in any environment • Docker Container • Standardized unit which can be created on the fly to deploy a particular application or environment  Docker Engine • Docker application that is installed on your host machine. It works like a client-server application which uses [www.docker.com]
  • 30. Docker 30 • Docker Image • Template which is used to create Docker Containers. They are the building blocks of a Docker Container • Docker Registry • Docker Images are stored. The Registry can be either a user’s local repository or a public repository like a Docker Hub • Docker Architecture  Docker client - trigger Docker commands,  Docker Host – running the Docker Daemon  Docker Registry – storing Docker Images.  The Docker Daemon running within Docker Host is responsible for the images and containers
  • 31. Docker Vs VM 31  Virtual Machines are slow and take a lot of time to boot.  Containers are fast and boots quickly as it uses host operating system and shares the relevant libraries.  Containers do not waste or block host resources unlike virtual machines.  Containers have isolated libraries and binaries specific to the application they are running.  Containers are handled by Containerization engine.  Docker is one of the containerization platforms which can be used to create and run containers  Consistent runtime environment, Application sandboxing, low overhead, occupies less disk size and resource saving
  • 32. Summary 32  Virtualization – System and Process  VMM or Hypervisor  Guest OS and Host OS  API,ABI and ISA  Trap and Emulate, Binary Translation, Full, Paravirtualization  Docker Container