KVM Introduction : 1
KVM which stands for kernel based virtualization is a linux kernel combined with the kvm kernel module tranforms the usual linux kernel into a bare metal hypervisor. Once KVM is installed into the kernel we can create Virtual machines in it and control them using various user space tools like qemu,libvirt or virsh.
Virtualizations Involves
CPU Virtualization
Memory Virtualization
I/O Virtualization
CPU Virtualization : To virtualize the CPU, KVM makes use of the hardware solution, that is CPUs which have virtualization instructions built into them . Intel calls this VT-X and AMD calls it AMD-V. The traditional architecture of CPUs had the standard ring based opertion as shown below.
The Operating system would execute the privileged instructions in the ring 0 and the user space applications would execute in the ring 3. The introduction of virtualization required that a new layer be present between the hardware and the operating system. This could have been achieved in two ways
0/1/3 model where the operating system is moved to the ring 1 and hypervisor is executed in the ring 0
0/3/3 model where the operating system and applications are both executed in the ring3 and the hypervisor executes in the ring 0.
Both these models move the operating system away from ring 0 leads to multiple problems because the operating system designed to always execute in ring 0. The software solutions like Binary translation and paravirtualization try to address the problems because of this change in the ring of operation of the operating system. The hardware solution introduced by Intel and AMD-V solve this by introducing new modes of operation in the CPU.
The intel Virtualization enabled hardare have new modes of operation VMX Root and VMX non root. The VMX root operation is used to execute the hypervisor and the VMX non root operation is used to execute the VM itself. Each of these modes of CPU have ring 0,1,2,3.
Thus the operating system can continue to operate in ring0 in VMX non root mode and thus retain all its control over the hardware just as a traditional opertaing systems. The hypervisor on the other hand executes in ring 0 in the VMX root mode. Thus even the hypervisor get the complete control of the hardware by being present in the ring0. But at any given time either othe VM or the hypervisor would be operating in the ring 0 mode. This takes care of a number of problems that exist in the software solutions of virtualization and also make the virtualization to be much quicker as the VM is able to operate on the hardware directly with out any intervention by the hypervisor during the normal operation. The control shifts out of the VM only on a I/O which is handled by the user space application running in the host kernel and interrupts or any other signals which are handled by the hypervisor.
KVM makes use of this hardware feature while running the virtual machines. Thus other than the traditional kernel space and user space there exits a new mode called as the guest mode of operation in the kernel. The VM opertes in this guest mode which makes use of the VMX non root mode. The guest OS works in the ring 0 of the VMX non root mode and the applications in the guest OS in the ring 3 of the VMX non root mode The KVM kernel on the other hand works in the ring 0 of the VMX root mode.
and the kernel which acts as the hypervisor executes in the kernel space of the vmx root mode.
CPU Virtualization
Memory Virtualization
I/O Virtualization
CPU Virtualization : To virtualize the CPU, KVM makes use of the hardware solution, that is CPUs which have virtualization instructions built into them . Intel calls this VT-X and AMD calls it AMD-V. The traditional architecture of CPUs had the standard ring based opertion as shown below.
0/3/3 model where the operating system and applications are both executed in the ring3 and the hypervisor executes in the ring 0.
Both these models move the operating system away from ring 0 leads to multiple problems because the operating system designed to always execute in ring 0. The software solutions like Binary translation and paravirtualization try to address the problems because of this change in the ring of operation of the operating system. The hardware solution introduced by Intel and AMD-V solve this by introducing new modes of operation in the CPU.
The intel Virtualization enabled hardare have new modes of operation VMX Root and VMX non root. The VMX root operation is used to execute the hypervisor and the VMX non root operation is used to execute the VM itself. Each of these modes of CPU have ring 0,1,2,3.
Thus the operating system can continue to operate in ring0 in VMX non root mode and thus retain all its control over the hardware just as a traditional opertaing systems. The hypervisor on the other hand executes in ring 0 in the VMX root mode. Thus even the hypervisor get the complete control of the hardware by being present in the ring0. But at any given time either othe VM or the hypervisor would be operating in the ring 0 mode. This takes care of a number of problems that exist in the software solutions of virtualization and also make the virtualization to be much quicker as the VM is able to operate on the hardware directly with out any intervention by the hypervisor during the normal operation. The control shifts out of the VM only on a I/O which is handled by the user space application running in the host kernel and interrupts or any other signals which are handled by the hypervisor.
KVM makes use of this hardware feature while running the virtual machines. Thus other than the traditional kernel space and user space there exits a new mode called as the guest mode of operation in the kernel. The VM opertes in this guest mode which makes use of the VMX non root mode. The guest OS works in the ring 0 of the VMX non root mode and the applications in the guest OS in the ring 3 of the VMX non root mode The KVM kernel on the other hand works in the ring 0 of the VMX root mode.
and the kernel which acts as the hypervisor executes in the kernel space of the vmx root mode.
The details are out-dated
ReplyDeleteThis post is great, thank you for sharing. confinedrv
ReplyDeleteThis comment has been removed by a blog administrator.
ReplyDeleteThis comment has been removed by a blog administrator.
ReplyDelete