1

UNIT – 2

Virtual Machines and Virtualization of Clusters and Data Centers

Overview:
● Thevast usage of virtual machines (VMs) is a new opportunities for Parallel
Computing, Cluster of Grid computing, Cloud and Distributed Computing.
● Virtualization allows the users to share classy hardware resources by multiplexing
(i.e., multiple analog or digital singals are combined into One Signal over a shared
medium)Vitual Machines on the same set of hardware hosts like servers or data
centers.
1. Implementation Levels of Virtualization:
● Virtualization is a computer architecture technology by which multiple virtual
machines (VMs) are multiplexed in the same hardware unit.
● The purpose of a Virtual Machineis to enhance resource sharing by many users and
improve computer performance in terms of resource utilization and application
flexibility.
● Hardware resources like CPU, Memory, I/O devices etc. or Software resources like
Operating System and application that can be virtualized at various layers of
functionality.
● The main idea is to separate hardware from software to obtain greater efficiency
from the system. Ex: Users can gain access to more memory by this concept of
VMs.
● With the sufficient storage of any computer platform installed in another host
computer,even if processors usage and operating systems are different.
1.1 Levels of Virtualization Implementation: A traditional computer system runs with a
host Operating System Particularly Familiar for its hardware architecture.
This is represented in Figure 3.1a.
 2

After virtualization developed in different user applications managed by their own

Operating Sysemi.e., guest OS can run on the same hardware, independent of the host
Opeating System.
This is often done by adding a virtualization layer as shown in Figure-3.1b.
This virtualization layer namely Virtual Machine Monitor or Hypervisor.
The Virtual Machines Can be realized in the Upper Boxes where applications run on
their own guest Operating System over a virtualized CPU, Memory and I/O
Devices.
1.2 The main function of the Software Layer for virtualization is to virtualize the
physical hardware of a host machine into virtual resources to be saved by the
Virtual Machines.
The virtualization software creates the abstract of Virtual Machines by presenting
a virtualization layer at various levels of a computer.
There are Five virtualization layers including the Instruction Set Architecture
(ISA) level, Hardware level, Operating System level, Library support level, and
Appliation level.
This can be seen in Figure 3.2.
The levels are discussed below.
 3

1.2.1 Instruction Set Architecture Level: Virtualization is performed by emulationof the

given ISA by Host Machine.
Ex: Binarycode can run on an x86-based host machinewith the help of ISA
simulation.
Instruction emulation leads to virtual ISAs created on any hardware machine.
Basic level of emulationcan be traced at code interpretation.
An interpreter (line-by-line compiler) program works on the instructions one-by-
one and this process is slow.
To speedup, the execution of instructions used Dynamic BinaryTtranslationwhere
it can translatethe blocks of dynamic source instructions to target instructions.
The basic blocks can also be extended to program traces or Superblocks to increase
translation efficiency.
This emulationneeds Binary Translation and Optimization.
Hence, a Virtual-ISAneeds a processor specific translation layer to the compiler.
1.2.2 Hardware Abstraction Level:
Hardware level virtualization is performed on the bare hardware.
 4

This approach generates a virtual hardware environment and processes the

hardware in a virtual fashion.
The idea is to virtualize the resources of a computer by utilizing them
concurrently. Ex: IBM Xen Hypervisor (VMM) runs Linux or other guest
Operating System applications.
1.2.3 Operating System Level:This refers to an abstraction layer between the OS and the
user apps. The OS level virtualization creates isolated containers on a single
physical server and OS instances to utilize software and hardware in data centers.
The containers behave like real servers. OS level virtualization is used in creating
virtual hosting environments to allocate hardware resources among a large number
of distrusting users. It can also be used to indirectly merge server hardware by
moving resources on different hosts into different Virtual Machines on one server.
1.2.4 Library Support Level:
● Most applications use Application Programming Interfaces exported by user-
level libraries before extended the system calls by the Operating System.
● Virtualization with library interfaces is possible by controlling the communication
link between Application and Application Programming Interfaces.
1.2.5 User-Application Level:
Application level virtualizations take out a real Virtual Machine.
This process is also known as Process level virtualization.
1. Ex: High Logical Level-Virtual Machinesare usedwhere virtualization layer is
an application above the Operating System.
It can run programs written and compiled to an abstract machine definition.
Other forms of application level virtualization are application isolation,
application streaming.
Here, the application is wrapped in a layer and is isolated from the host Operating
System and Other Applications.
This creates the application more much easier to distribute and remove from user
workstations.
2. Ex: LAN-Desk (an application virtualization platform) – this installs apps as self-
contained, executable files in an isolated environment.
No actual installation is required and no system modifications are needed.
 5

Table 3.1 that hardware and OS support will harvest the highest performance. At the
same time, the hardware and app levels are most expensive to implement. User
isolation is difficult to archive and ISA offers best flexibility.

1.3 VMM Design Requirement and Providers:

As seen before, hardware-level virtualization inserts a layer between real hardware and
traditional OS.
This layer (VMM or Hypervisor) manages the hardware resources of the computer
effectively.
By the usage of VMM, different traditional operating systems can be used with the
same set of hardware simultaneously.
1.4 Requirements for a VMM:
(a) For programs, a VMM should provide an identical environment, same as the
original machine.
(b) Programs running in this environment should show only minor decreases in speed.
(c) A VMM should be in complete control of the system resources.

Some differences might still be caused due to availability of system resources(more

than one VM is running on the same system) and differences caused by timing
dependencies.
The hardware resource wants (like memory) of each Virtual Machine is reduced, but
the total sum of them is greater that of the real machine.
This is needed because of any other Virtual Machines that are concurrently running on
the same hardware.
A VMM should demonstrate efficiency in using the VMs.
To guarantee the efficiency of a VMM, a statistically dominant subset of the virtual
processor’s instructions needs to be executed directly by the real processor with no
intervention by the VMM.
 6

The aspects to be considered here include

(1) The VMM is responsible for allocating hardware resources for programs;
(2) A program cannot access any resource that has not been allocated to it;
(3) At a certain stage, it is not possible for the VMM to regain control of the resources
already allocated.
A VMM is tightly related to the architectures of the processors.
It is difficult to implement a VMM on some types of processors like x86. If a processor
is not designed to satisfy the requirements of a VMM, the hardware should be modified
– this is known as hardware-assisted virtualization.
1.5 Virtualization Support at the Operating System Level: Cloud Computing is
transforming the computing landscape by shifting the hardware and management costs
of a data center to third parties, like banks. The challenges of Cloud Computing are: (a)
the ability to use a variable number of physical machines and VM instances depending
on the needs of the problem. Ex: A work may need a single CPU at an instance but
multi-CPUs at another instance (b) the slow operation of instantiating new VMs.
As of now, new VMs originate either as fresh boots or as replicates of a VM template –
unaware of the status of the application.

1.6 Why OS Level Virtualization(Disadvantages of hardware level virtualization):

(a) It is slow to initiate a hardware level Virtual Machinemeanwhile each Virtual
Machine creates its own copy from the beginning.
(b) Redundancy content is high in these Virtual Machines.
(c) Slow performance and low density.
(d) Hardware Modifications maybe needed.

● OS level virtualization is needed to provide a solution to all these problems.

● It inserts a virtualization layer inside the Operating System to partition the
Physical Resources of a system.
● It enables multiple isolated Virtual Machines within a single Operating System
kernel.
● This kind of VM is called a Virtual Execution Environment (VE) or Virtual
Private System.
● From the user’s point of view, a Virtual Execution Environment has its own set
of processes, file system, user accounts, network interfaces (with IP addresses),
routing tables, firewalls and other personal settings.
 7

Note: This container can be customized for different people that they share the same
Operating SystemKernel.
Therefore, this methodology is also calledSingle-OS copy virtualization.
All this can be observed in Figure 3.3.

1.7 Advantages of OS Postponements:

(a) VMs at the OS level have minimal start-up shutdown costs, low resource
requirements and high scalability.
(b) For an OS level VM, the VM and its host environment can synchronise state
changes.
These can be achieved through two mechanisms of OS level virtualization:
(a) All OS level VMs on the same physical machine share a single OS kernel.
(b) The virtualization layer can be designed in way that allows processes in VMs can
access as many resources as possible from the host machine, but can never modify
them.
1.8 Disadvantages of OS Extension:
● The main disadvantageof OS extensions is that all VMs at OS level on a single
container must have the same rather guest OS.
● Though different OS level VMs may have different OS distributions (Win XP,
7, 10), they must be related to the same OS family (Win).
 8

● A Windows distribution cannot run on a Linux based container.

● As we can observe in Figure 3.3, the virtualization layer is inserted inside the
OS to partition the hardware resources for multiple VMs to run their
applications in multiple virtual environments.
● To implement this OS level virtualization, isolated execution environments
(VMs) should be created based on a single OS kernel.
● In addition, the access requests from a VM must be redirected to the VM’s local
resource partition on the physical machine.
● For example, ‘chroot’ command in a UNIX system can create several virtual
root directories within an OS that can be used for multiple VMs.
● To implement the virtual root directories’ concept, there exist two ways:
(a) Duplicating common resources to each VM partition or (b) sharing most
resources with the host environment but create private copies for the VMs on
demand.
● It is to be noted that the first method incurs (brings up) resource costs and
burden on a physical machine. Therefore, the second method is the apparent
choice.
1.9 Virtualization on Linux or Windows Platforms: Generally, the OS-level
virtualization systems are Linux-based. Windows based virtualization platforms are not
much in use. The Linux kernel offers an abstraction layer to allow software processes
to with and operate on resources without knowing the hardware details. Different
Linux platforms use repaired kernels to provide special support for extended
functionality.
1.10. Middleware Support for Virtualization: This is the other name for Library-level
Virtualization and is known as user-level Application Binary Interface or API
emulation. This type of virtualization can create execution environments for running
alien (new/unknown) programs on a platform rather than creating a VM to run the
entire OS. The key functions performed here are API call interception and remapping
(assign a function to a key).
 9

2. Virtualization Structures/Tools and Mechanisms:

There are three classes of Virtual Machine architecture.

Before virtualization isthe Operating System manages the hardware (Traditional

Computers).
After virtualization, a virtualization layer is inserted between the hardware and the OS.
The virtualization layer is responsible for convertingparts of Real Hardware into Virtual
Hardware.
Virtual Machine is working different operating systems like Windows and Linux can run
concurrently on the same machine.
Depending on the position of the virtualization layer uses the several classes of Virtual
Machine Architectures such as
● Hypervisor Architecture
● Para-virtualization
● Host-based virtualization.
2.1 Hypervisor Architecture:
● The hypervisor (VMM) supports hardware level virtualization on Bare Metal
Devices like CPU, Memory, HardDisk and Network Interfaces.
● Hypervisor is softwarethat exists between Hardware and Operating System.
● Hypervisor providesHypercalls for Guest Operating System and Applications.
● Depending on the functionality, a hypervisor can assume Micro-
KernelArchitecture for Server Virtualization.
Hypercall:
A hypercall is a software trickfrom a domain to the hypervisor.
It is a system call is a software trick from a user application to the kernel.
 10

This domain will use hypercalls to user request privileged operations like updating
pagetables.

Software Trap:
● ASoftware Trap is a Program Exception or a Fault that it is usually a kind of
Synchronous Interrupt Produced by an Exceptional Condition (For Instance
breakpoint, division by zero, invalid memory access).
● A trap usually results in a switch to kernel mode, where the OS performs some
action before returning control to the creating process. A software trap in a
system process is more serious than a software trap in a user process and might be
fatal errors.
● The term Software Trapmight also refer to a SoftwareInterrupt proposed to
initiate a Context Switch to a Monitor Program or Debugger.
Domain:
It is a group of computers/devices on a network managed as a unit with common rules and
procedures.
Ex: Within the Internet to all devices and sharing a common part of the IP address is said to
be in the same domain.
Page Table:
A page table is the data structure used by a virtual memory system in an OS to store the
mapping between virtual addresses and physical addresses.
Kernel: A kernel is the central part of an Operating System that manages the Process
Job assigntoComputer and Hardware like Memory and CPU Time.
There are two kinds as follows
1. Monolithic Kernel:
● Operating System commonly usesMonolithic Kernel.
● When a device is needed that it is added as a part of the Kernel and the Kernel
Increases in Size.
● The major drawbacks of Monolithic Kernel like Faulty Programs Damaging the
Kernel and So on.
Ex: Memory, Processor, Device Drivers (It is a computer program that
operates or controls a particular kind of device that is attached to computer)
etc.
2. Micro-kernel:
 11

● In micro-kernels are only the basic functions are distributed.Ex:Memory

Management and Processor Scheduling.
● Operating Systemcould not run only on a micro-kernel in which slowdown the
Operating System.
2.2 The size of the hypervisor code of a micro-kernel hypervisor is smaller than that of
monolithic hypervisor.
Fundamentally, a hypervisor must be able to convert physical devices into virtual
resources dedicated for the VM usage.
2.3 Xen Architecture: It is an Open Source Hypervisor Program developed by Cambridge
University. Xen is a micro-kernel hypervisor, whose policy is implemented by Domain
0.

● As shown in Figure 3.5,

● Xen does not include any Device Drivers (It is a Computer Program that
operates or controls a particular kind of device that is attached to computer).
● It provides a mechanism by which a guest-Operating System can have direct
access to the physical devices.
● The size of Xen is a small and provides a virtual environment between the
hardware and Operating System.
● The core components of Xen are the hypervisor, kernel and applications.
● The guest OS with the control ability is called Domain-0 is the others are called
Domain U.
● Domain 0 is first loaded when the system boots and can access the hardware
directly and manage devices by allocating the hardware resources for the guest
domains (Domain U).
● Xen Architecureis based on Linux Operating System.
● Virtual Machine namely Domain 0 in which can access and manage all other
Virtual Machines is on the same host.
● If a user has access to Domain 0 (VMM) then user can create, copy, save, modify
or share files and resources of all the VMs.
● This is a huge advantage for the user but concentrating all the resources in
Domain 0 can also become a privilege for a hacker.
 12

● If Domain 0 is hacked, through it, a hacker can control all the VMs and through
them, the total host system or systems.
● Securityproblems are to be distributed with in a careful manner before handing
over Xen to the user.

2.4 Binary Translation with Full Virtualization:

Hardware virtualization can be categorised into two categories like
1. Full virtualization
2. Host-based virtualization.

Full Virtualization

● Itdoes not need to modify the host OS.

● Ittrusts upon binary translation to Software Trap (Trick) and tovirtualizethe
certain sensitive instructions.
● Normal instructions can run directly on the host OS.
● To increase the performance above – normal instructions are carried out in the
normal manner,
● However, thisDifficult is the Precise Executions arefirst exposed using a
software trap and executed in a virtual manner.
● To improve the security of the systemandincreasing the performance rate.

Binary Translation of Guest OS Requests Using a VMM:

● VMware Software is mainly using this Approach.

● In Figure 3.6, VMware softwareputs the VMM at Ring 0 and the guest
Operating System at Ring 1.
 13

● VMM scanslike the instructions to identify complex and privileged instructions

and software trap into the VMM in which emulates the behaviour of these
instructions.
● Binary translation is the method used for imitation (A => 97 => 01100001)
● Note:Full Virtualization combines both binary translation and direct execution.
The guest OS is totally de-coupled from the hardware and run virtually (like an
emulator).
● Full virtualization involves Binary Translation and TimeConsuming.
● Binary translation is cost consuming but it increases the system performance.
In a host-basedvirtualization system both host and guest OS are used and a virtualization
layer is built between them.
The host OS is still responsible for managing the hardware resources.
Dedicated applications might run on the VMs and some others can run on the host OS
directly.
By using this methodology, the user can install the VM architecture without modifying
the host OS.
The virtualization software can rely upon the host OS to provide device drivers and other
low-level services.
Hence, the installation and maintenance of the VM becomes easier.
Another advantage is that several host machine configurations can be perfectly
utilized.Still four layers of mapping exist in between the guest and host operating
systems.
This may delay the speed and performance, in particular when the ISA (Instruction Set
Architecture) of a guest OS is different from that of the hardware and binary translation
MUST be deployed.
This increases in time and cost and slows the system.

2.5 Para-Virtualization with Compiler Support:

● Para-Virtualization modifies the guest operating system.
● Para-virtualized VM provides special APIs, which take up user applications needing
those changes.
● Para-virtualization tries to reduce the virtualization burden/extra-work to improve
the performance.
● Thisis done by modifying only the guest OS kernel.
● This can be seen in Figure 3.7 [1].
 14

Ex: In a typical para-virtualization architecture in which considers an x86 processor, a

virtualization layer is inserted between Hardware and Operating System.

According to the x86 ‘ring definition’ the virtualization layer installed at Ring 0.

In Figure 3.8 [1], we can notice that para-virtualization replaces instructions that cannot be
virtualized with hypercalls (placing a trap) that communicate directly with the VMM.

Notice that if a guest OS kernel is modified for virtualization, it cannot run the hardware
directly – that should be done through the virtualization layer.

2.6 Disadvantages of Para-Virtualization:

● Para-virtualization reduces the overhead.
● Its compatibility (suitability) and portability can be in doubt because it has to
support both the modified guest OS and the host OS as per requirements.
● In addition, the maintenance cost of para-virtualization is high since it may require
deep kernel modifications.
● Finally, the performance advantage of para-virtualization is not stable – it varies as
per the workload.
● However, compared with full virtualization, para-virtualization is more easy and
practical since binary translation is not much considered.
● Many products utiliza para-virtualization to overcome the less speed of binary
translation.Ex: Xen, KVM, VMware ESX.
 15

2.7 Note: Kernel based VM (KVM): This is a Linux para-virtualization system – it is a part of
the Linux kernel. Memory management and scheduling activities are carried out by the
existing Linux kernel. Other activities are taken care of by the KVM and this methodology
makes it easier to handle than the hypervisor. Also note that KVM is hardware assisted
para-virtualization tool, which improves performance and supports unmodified guest
operating systems like Windows, Linux, Solaris and others.

2.8 Virtualization of CPU, Memory and I/O Devices:

For any computer architecture to support virtualization.

To understand how architecture can support Virtualization, we need to keep the following
in mind
1. All Virtual Machines needs a Hypervisor /Virtual Machine Monitor (VMM).
2. A Virtual machine should behaviorally be same as the actual machine.
3. Hypervisor or VMM needs complete control over resources.
4. Virtual machine needs to support all Machine/Assembly Instructions
supported by the actual Machine.
● If we look at Point -4 in particular, we can see a dependency in the Architecture.
● If we are looking to run a System that supports RISC (Reduced Instruction Set
Computer) architecture, then the underlying machine architecture’s Instruction
Set (ISA) should also support (directly or indirectly) all the instructions in the RISC
Virtual machine’s Architecture.
● The Services of Computer Processorsarea special running mode and instructions
known as Hardware helped virtualization.
● Hypervisor/VMM and guest Operating System run in different methods.
● The ‘software trap’ in the Hypervisor/VMM catches to all complex instructions of
the guest Operating System and its applications.
 16

2.8.1 H/W Support for Virtualization:

● Up-to-date operating systems and processors permit multiple processes to run
simultaneously.
● A protection mechanism should exist in the processor so that not all instructions
from different processes will access the hardware directly.
● This will lead to a system crash.
● All processors should have at least two modes nemaly as User and Supervisor
modes to control the access to the hardware directly.
● Instructions running in the supervisor mode are called privileged instructions
and the others are called as unprivileged instructions
● Ex: VMware Workstation

CPU Virtualization:
● CPU virtualization involves a single CPU acting as if it were multiple separate
CPUs.
● The most common reason for doing this is to run multiple different operating
systems on one machine.
● CPU virtualization emphasizes performance and runs directly on the available
CPUs whenever possible.
● The underlying physical resourcesare usedin every time possible and the
virtualization layer runs instructions only as needed to make virtual machines
operate as if they were running directly on a physical machine.

● When many virtual machines are running on an ESXi host, those virtual machines
contest for CPU resources.

● When CPU argument occurs, the ESXi host time-slices the physical processors
across all virtual machines thereforeeach virtual machine runs as if it has its
specified number of virtual processors.
● A Virtual Machine is a duplicate of an existing system.
● The host processor executes majority of instructions.
● Unprivileged instructions run on the host machine directly.
● Other instructions are to be handled carefully.
● These critical instructions are of three types: privileged, control-sensitive and
behaviour-sensitive.
● Privileged=>Executed in a special mode and are trapped if not done so.
● Control-Sensitive=>Attempt to change the configuration of the used resources.
● Behaviour-Sensitive=> They have different behaviours in different situations (high
load or storage or capacity)

2.8.2 Hardware Assisted CPU Virtualization:

 17

Since Full Virtualization or para-Virtualization is complicated, this new methodology

tries to simplify the situation.
Intel and AMD add an additional mode called privilege mode level to the x86
processors.
The OS can still run at Ring 0 and hypervisor at Ring 1.
Note: all privileged instructions are trapped at the hypervisor. Hence, no modifications
are required in the VMs at Operating System level.

VMCS=> VM Control System

VMX=> A virtual router
2.8.3 Memory Virtualization:

● In the traditionalcomputer memory methodology is the Operating System

maintains mappings between virtual memory to machine memory (MM)
using page tables in which is a one-stage mapping from virtual memory to
Machine Memory.

● Virtual Memory is a feature of an operating system (OS) that allows a

computer to compensate for shortages of physical memory by temporarily
transferring pages of data from random access memory (RAM) to disk
storage.

● Machine Memoryis the physical memory that a cloud user/host machine can
allocate to the Virtual Machine.

● All modern x86 processors contain memory management unit (MMU) and a
translation look-aside buffer (TLB) to optimize the virtual memory
performance.
 18

● In a virtual execution environment, virtual memory-VZinvolves sharing the

physical system memory in RAM and dynamically allocating it to the
physical memory of the VMs.

Stages in Memory Virtualization: Each Virtual Machine contains process to process

communication for storage purposes in that purposes we use two stages to store the data.
● Virtual memory to physical memory.
● Physical memory to machine memory.

Other Points: Memory Management Unit (MMU)should be supported to guest OS

controls to monitor mapping of virtual addresses to physical memory address of the
Virtual Machines. All this is depicted in Figure 3.12 [1].

● VA-Virtual Address; PA-Physical Address; MA-Machine Address

● Each page table of a guest OS has a page table allocated for it in the Virtual
Machine Monitor (VMM). The page table in the VMM (is a Software program
that enables the creation, manage and control of virtual machine), which handles
all these, is called a shadow page table.
● As it can be seen, all this process is nested and inter-connected at different levels
through the concerned address.
● If any change occurs in the virtual memory page table or Translation Look-
aside Buffer(TLB) as the shadow page table in the VMM (Virtual Machine
Monitor)is updated accordingly.
 19

2.8.4 I/O Virtualization:

● This involves managing of the routing of I/O requests between virtual
devices and shared physical hardware.
● There are three ways to implement this are full device emulation (Imitation),
para-VZ and direct I/O.
● Full Device Emulation:
● This process emulates well-known and real-world devices.
● All the functions of a device or bus infrastructure such as device enumeration,
identification, interrupts that are replicated (fake) in the software in which it is
located in the VMM and acts as a virtual device.
● The I/O requests are trapped in the VMM accordingly.
● The emulation approach can be seen in Figure 3.14 [1].

Device Driver is a Computer Program that operates or controls a particular kind of

device that is attached to computer.

● Para-VZ:
● Para-VZ is a method of I/O VZis taken up since software emulation runs slower
than the hardware it emulates.
● In para-VZ, the frontend driver runs in Domain-U; it manages the requests of the
guest OS.
● The backend driver runs in Domain-0 and is responsible for managing the real I/O
devices. This methodology (para) gives more performance but has a higher CPU
overhead.
● Direct I/O VZ:VM access devices directly to achieve high performance with lower
costs.Currently, it is used only for the mainframe operating system.

Ex: VMware Workstation for I/O VZ: NIC=> Network Interface Controller
 20

2.9 Virtualization in Multi-Core Processors: Virtualizing a multi-core processor is more

complicated than that of a uni-core processor. Multi-core processors have high performance
by integrating multiple cores in a chip, but their virtualization poses a new challenge. The
main difficulties are that apps must be utilized in a parallelized way to use all the cores and
this task must be accomplished by software, which is a much higher problem.

To reach these goals, new programming models, algorithms, languages and libraries are
needed to increase the parallelism.

2.10. Physical versus Virtual Processor Cores: A multi-core virtualization method was
proposed to allow hardware designers to obtain an abstraction of the lowest level details of
all the cores. This technique alleviates (lessens) the burden of managing the hardware
resources by software. It is located under the ISA (Instruction Set Architecture) and is
unmodified by the OS or hypervisor. This can be seen in Figure 3.16 [1].
 21

2.10 Virtual Hierarchy: The emerging concept of many-core chip multiprocessors (CMPs)
is a new computing landscape (background). Instead of supporting time-sharing jobs on
one or few cores, abundant cores can be used in a space-sharing – here single or multi-
threaded jobs are simultaneously assigned to the cores. Thus, the cores are separated
from each other and no interferences take place. Jobs go on in parallel, for long time
intervals. To optimize (use effectively) the workloads, a virtual hierarchy has been
proposed to overlay (place on top) a coherence (consistency) and caching hierarchy onto
a physical processor. A virtual hierarchy can adapt by itself to fit how to carry out the
works and share the workspace depending upon the workload and the availability of the
cores.

The CMPs use a physical hierarchy of two or more cache levels that statically determine
the cache (memory) allocation and mapping. A virtual hierarchy is a cache hierarchy
that can adapt to fit the workloads. First level in the hierarchy locates data blocks close
to the cores to increase the access speed; it then establishes a shared-cache domain,
establishes a point of coherence, thus increasing communication speed between the
levels. This idea can be seen in Figure 3.17(a) [1].
 22

Space sharing is applied to assign three workloads to three clusters of virtual cores: VM0
and VM3 for DB workload, VM1 and VM2 for web server workload, and VM4-VM7
for middleware workload. Basic assumption here is that a workload runs in its own VM.
However, in a single OS, space sharing applies equally. To encounter this problem,
Marty and Hill suggested a two-level virtual coherence and caching hierarchy. This can
be seen in Figure 3.17(b) [1].

27-01-2020
 23

3. Virtual Clusters and Resource Management:

● Virtual Cluster is an effective method that ensures high availability of servers and
the network like virtual network.
● The virtual clusters are used in virtual machines in which are installed at various
services.
● A virtual network interconnects each virtual machine in a virtual cluster.
● Each Virtual Machine operates are in its own virtual cluster in the first level in
which minimizes both access time and performance interference.
● The second level maintains a globally shared memory.
● A virtual hierarchy adapts to space-shared workloads like multiprogramming
and server consolidation.
● It is an emerging concept of many-core chip multiprocessors is a new computing
landscape (background). Instead of secondary time-sharing jobs on one or few
cores, abundant cores can be used in a space sharing - here single or multi-threaded
jobs are concurrently allocated to the cores.
● This increase is workload, particularly when more and more Virtual Machines join
the clusters.
● As a solution to this, a service is needed that takes care of the configuration
information (capacity, speed etc.) of the VMs.
● VMs can communicate with each other freely through the virtual network and
configure automatically.
3.1. Physical versus Virtual Clusters: A physical cluster is a collection of physical
servers that are interconnected. The issues that are to be distributed with here are:
1. Live Migration(Relocation) of Virtual Machines
2. Memory and File Migrations
3. Dynamic Deployment of Virtual Clusters.

● Virtual Clusters constructed with Virtual Machines installed at one or more

physical clusters.
● A virtual network interconnects the Virtual Machines in a virtual cluster across
several physical networks.
● The concept can be observed in Figure 3.18.
 24

3.1 The delivering of VMs to a virtual cluster is done dynamically to have the following
properties:
● The virtual cluster nodes can be either physical or virtual (VMs) with different
operating systems.
● A VM runs with a guest OS that manages the resources in the physical machine.
● The purpose of using VMs is to combine multiple functionalities on the same server.
● VMs can be replicated in multiple servers to promote parallelism, fault tolerance and
disaster discovery.
● The no. of nodes in a virtual cluster can grow or shrink dynamically.
● The failure of some physical nodes will slow the work but the failure of VMs will cause
no harm (fault tolerance is high).

3.2 Virtualization is broadly used then the VMs on virtual clusters have to be effectively
managed. The virtual computing environment should provide high performance in virtual
cluster deployment, monitoring large clusters, scheduling of the resources, fault tolerance
and so on.
 25

3.3 Figure 3.19 [1] shows the concept of a virtual cluster based on application partitioning.
The different colours represent nodes in different virtual clusters.
The storage images (SSI) from different VMs from different clusters is the most
important concept here.
Software packages can be pre-installed as templates and the users can build their own
software stacks.
Note that the boundary of the virtual cluster might change since VM nodesare added,
removed, or migrated dynamically.

3.4 Fast Deployment and Effective Scheduling: The concerned system should be able to

● Construct and distribute software stacks (OS, libraries, apps) to a physical node
inside the cluster as fast as possible
● Quickly switch runtime environments from one virtual cluster to another.

NOTE: Green Computing:

● It is a methodology that is environmentally responsible and an eco-friendly usage

of computers and their resources.
● It is also defined as the study of designing, manufacturing, using and disposing
of computing devices in a way that reduces their environmental impact.

3.5 Engineers must concentrate upon the point the available resources are utilized in a cost and
energy-reducing manner to optimize the performance and throughput.
 26

Parallelism must be put in place wherever needed and virtual machines/clusters should be
used for attaining this goal.
Through this, we can reduce the overhead, attain load balancing, achieve scale-up, and
scale-down mechanisms on the virtual clusters.
Finally, the virtual clusters must be clustered among themselves again by mapping
methods in a dynamical manner.

3.6 High Performance Virtual Storage:

● A template must be ready for the VM construction and usage and distributed to the
physical hosts.
● Software packages that reduce the time for customization (getting used to) and
switching of environment.
● Users should be identified by their profiles that are stored in data blocks.
● All these methods increase the performance in virtual storage. Ex: Dropbox
Steps to deploy (arrange/install) a group of VMs onto a target cluster:
● Preparing the disk image (SSI)
● Configuring the virtual machines
● Choosing the destination nodes
● Executing the VM deployment commands at every host

3.7 NOTE:
● A template is a disk image/SSI that hides the distributed environment from the
user.
● It may consist of an OS and some apps.
● Templates are selected by the users as per their requirements and can implement
Copy on Write format.
● A new Copy on Write backup file is small and easy to create and transfer, thus
reducing space consumption.
● Every VM is configured with a name, disk image, network settings, and is
allocated a CPU and memory.
● However, this might be unwieldy if the VMs are many in number.
● The process can be simplified by configuring similar VMs with pre-edited
profiles.
● Finally, the deployment principle should be able to fulfil the VM requirement to
balance the workloads.

3.8 Live VM Migration Steps:

 27

● Usually in a cluster built with mixed modes of Host and Guestsystemsarethe

procedure is to run everything on the physical machine.
● When a VM fails, it can be replaced by another VM on a different node, as long
as they both run the same guest OS.
● This is called a fail-over(It is a procedure by which a system automatically
transfers control to a duplicate system when it detects a fault or failure)of a
physical system to a Virtual Machine.
● Compared to a physical-physical failover, this methodology has more flexibility.
● It also has a drawback–a VM must stop working if its host node fails. This can
be pointed by migrating from one node to another for a similar VM.
● The live migration process is depicted in Figure 3.20 [1].
3.9 Managing a Virtual Cluster:
There exist four ways.
(a) We can use a guest-based manager, by which the cluster manager resides inside a
guest OS.
Ex: A Linux cluster can run different guest operating systems on top of the Xen
hypervisor.
(b) We can bring out a host-based manager which itself is a cluster manager on the host
systems.
Ex:VMware HA (High Availability) system that can restart a guest system after
failure.
(c) An independent cluster manager in which can be used on both the host and the
guest – making the infrastructure complex.
(d) Finally, we might also use an integrated cluster (manager), on the guest and host
operating systems; here the manager must clearly distinguish between physical and
virtual resources.

NOTE: The virtual cluster management schemes are greatly enhanced if the VM life
migration is enabled with minimum overhead.
 28

3.10 Virtual clusters are generally used where fault tolerance of VMs on the host plays an
important role in the total cluster strategy.
These clusters can be applied in grids, clouds and HPC platforms.
Dynamical finding and usage of resources as per requirement and less migration time &
bandwidth that is used obtain the HPC.
3.11 A VM can be in one of the following states:
(a) Inactive State: This is defined by the VZ platform, under which the VM is not
enabled.
(b) Active State: This refers to a VM that has been instantiated at the VZ platform to
perform a task.
(c) Paused State: A VM has been instantiated but disabled temporarily to process a task
or is in a waiting state itself.
(d) Suspended State: A VM enters this state if its machine file and virtual resources are
stored back to the disk.

3.12 Live Migration Steps:

This consists of 6 steps.
(a) Steps 0 and 1: Start migration automatically and checkout load balances and server
consolidation.
 29

(b) Step 2: Transfer memory (transfer the memory data + recopy any data that is changed
during the process). This goes on iteratively till changed memory is small enough to
be handled directly.
(c) Step 3:Suspend the VM and copy the last portion of the data.
(d) Steps 4 and 5:Commit and activate the new host. Here, all the data is recovered, and
the VM is started from exactly the place where it was suspended, but on the new host.

3.13 Virtual Clusters are being widely used to use the computing resources effectively to
generate High Performance to overcome the burden of interaction between different OSs
and make different configurations to coexist.

3.14 Memory Migration:

This is done between the physical host and any other physical/virtual machine. The
techniques used here depend upon the guest OS.
MM can be in a range of megabytes to gigabytes.
The Internet Suspend-Resume (ISR) technique exploits temporal locality since the
memory states are may have overlaps in the suspended/resumed instances of a VM.

Temporal locality (TL) refers to the fact that the memory states differ only by the
amount of work done since a VM was last suspended.

● To utilize the TL, each file is represented as a tree of small sub-files.

● A copy of this tree exists in both the running and suspended instances of the VM.
● The advantage here is usage of tree representation of a file and caching ensures
that the changed files are only utilized for transmission.

3.15 File System Migration:

● To support VM migration from one cluster to another, a consistent and location-
dependent view of the file system is available on all hosts.
● Each VM is provided with its own virtual disk to which the file system is mapped.
● The contents of the VM can be transmitted across the cluster by inter-connections
(mapping) between the hosts.
● However, migration of an entire host (if required) is not advisable due to cost and
security problems.
● We can also provide a global file system across all host machines where a VM can
be located.
● This methodology removes the need of copying files from one machine to another
– all files on all machines can be accessed through network.
● It should be noted here that the actual files are not mapped or copied.
● The VMM accesses only the local file system of a machine and the
original/modified files are stored at their respective systems only.
● This decoupling improves security and performance but increases the overhead of
the VMM – every file has to be stored in virtual disks in its local files.
 30

3.16 Smart Copying ensures that after being resumed from suspension state, a VM doesn’t get
a whole file as a backup. It receives only the changes that were made. This technique
reduces the amount of data that has to be moved between two locations.

3.17 Network Migration: A migrating should maintain open network connections. It should
not depend upon forwarding mechanisms (mediators) or mobile mechanisms. Each VM
should be assigned a unique IP or MAC (Media Access Control) [7]addresseswhich is
different from that of the host machine. The mapping of the IP and MAC addresses to
their respective VMs is done by the VMM.

If the destination of the VM is also on the same LAN, special messages are sent using
MAC address that the IP address of the VM has moved to a new location. If the
destination is on another network, the migrating OS can keep its original Ethernet MAC
address and depend on the network switch [9] to detect its move to a new port [8].

3.18 Note that live migration means moving a VM from one physical node to another while
keeping its OS environment and apps intact. All this process is carried out by a program
called migration daemon. This capability provides efficient online system maintenance,
reconfiguration, and load balancing, and improved fault tolerance. The recently improved
mechanisms are able to migrate without suspending the concerned VM.

3.19 There are two approaches in live migration: pre copy and post copy.

(a) In pre copy, which is manly used in live migration, all memory pages are first
transferred; it then copies the modified pages in the last round iteratively. Here,
performance ‘degradation’ will occur because migration will be encountering dirty
pages (pages that change during networking) [10] all around in the network before
getting to the right destination. The iterations could also increase, causing another
problem. To encounter these problems, check-pointing/recovery process is used at
different positions to take care of the above problems and increase the performance.
(b) In post-copy, all memory pages are transferred only once during the migration
process. The threshold time allocated for migration is reduced. But the downtime is
higher than that in pre-copy.

NOTE: Downtime means the time in which a system is out of action or cannot handle
other works.

Ex: Live migration between two Xen-enabled hosts: Figure 3.22 [1]
CBC Compression=>Context Based Compression
RDMA=> Remote Direct memory Access
 31

4. VZ for Data Centre Automation: Data Centres have been built and automated recently by
different companies like Google, MS, IBM, Apple etc. By utilizing the data centres and the
data in the same, VZ is moving towards mobility, reduced maintenance time, and
increasing the number of virtual clients. Other factors that influence the deployment and
usage of data centres are high availability (HA), backup services, and workload balancing.

4.1 Server Consolidation in Data Centres: In data centers, heterogeneous workloads may run
at different times. The two types here are
(a) Chatty (Interactive) Workloads: These types may reach the peak at a particular time
and may be silent at some other time. Ex: WhatsApp in the evening and the same at
midday.
(b) Non-Interactive Workloads: These don’t require any users’ efforts to make progress
after they have been submitted. Ex: HPC

The data center should be able to handle the workload with satisfactory performance both at
the peak and normal levels.

It is common that much of the resources of data centers like hardware, space, power and
cost are under-utilized at various levels and times. To come out of this disadvantage, one
approach is to use the methodology of server consolidation. This improves the server
utility ratio of hardware devices by reducing the number of physical servers. There exist
two types of server consolidation: (a) Centralised and Physical Consolidation (b) VZ
based server consolidation. The second method is widely used these days, and it has some
advantages.
● Consolidation increases hardware utilization
● It enables more agile provisioning of the available resources
● The total cost of owning and using data center is reduced (low maintenance, low
cooling, low cabling etc.)
 32

● It enables availability and business continuity – the crash of a guest OS has no effect
upon a host OS.
4.2 NOTE: To automate (VZ) data centers one must consider several factors like resource
scheduling, power management, performance of analytical models and so on. This
improves the utilization in data centers and gives high performance. Scheduling and
reallocation can be done at different levels at VM level, server level and data center level,
but generally any one (or two) level is used at a time.

The schemes that can be considered are:

(a) Dynamic CPU allocation: This is based on VM utilization and app level QoS[11]
(Quality of Service) metrics. The CPU should adjust automatically according to the
demands and workloads to deliver the best performance possible.
(b) Another scheme uses two-level resource management system to handle the complexity
of the requests and allocations. The resources are allocated automatically and
autonomously to bring down the workload on each server of a data center.

Finally, we should efficiently balance the power saving and data center performance to
achieve the HP and HT also at different situations as they demand.

4.3 Virtual Storage Management: VZ is mainly lagging behind the modernisation of data
centers and is the bottleneck of VM deployment. The CPUs are rarely updates, the chips are
not replaced and the host/guest operating systems are not adjusted as per the demands of
situation.

Also, the storage methodologies used by the VMs are not as fast as they are expected to be
(nimble). Thousands of such VMs may flood the data center and their lakhs of images (SSI)
may lead to data center collapse. Research has been conducted for this purpose to bring out
an efficient storage and reduce the size of images by storing parts of them at different
locations. The solution here is Content Addressable Storage (CAS). Ex: Parallax system
architecture (A distributed storage system).This can be viewed at Figure 3.26 [1], P25.

4.4 Note that Parallax itself runs as a user-level application in the VM storage, providing
Virtual Disk Images (VDIs). A VDI can accessed in a transparent manner from any host
machine in the Parallax cluster. It is a core abstraction of the storage methodology used by
Parallax.
 33

4.5 Cloud OS for VZ Data Centers: VI => Virtual Infrastructure managers Types can be seen
in Table 3.6 [1].

4.6 EC2 => Amazon Elastic Compute Cloud

WS =>Web Service
CLI =>Command Line Interface
WSRF =>Web Services Resource Framework
KVM =>Kernel-based VM
VMFS =>VM File System
HA =>High Availability
 34

4.7 Example of Eucalyptus for Virtual Networking of Private Cloud: It is an open-source

software system intended for IaaS clouds. This is seen in Figure 3.27 [1].

4.8 Instance Manager (IM): It controls execution, inspection and terminating of VM instances
on the host machines where it runs.
Group Manager (GM): It gathers information about VM execution and schedules them on
specific IMs; it also manages virtual instance network.
Cloud Manager (CM): It is an entry-point into the cloud for both users and administrators.
It gathers information about the resources, allocates them by proper scheduling, and
implements them through the GMs.

4.9 Trust Management in VZ Data Centers: As a recollect, a VMM (hypervisor) is a layer

between the host OS and the hardware to create 1 or more VMs on a single platform. A VM
encapsulates the guest OS and its current state and can transport it through the network as a
SSI. At this juncture, in the network transportation, any intruders may get into the image or
the concerned hypervisor itself and pose danger to both the image and the host system. Ex:
A subtle problem lies in reusing a random number for cryptography.

4.10 VM-based Intrusion Detection: Intrusions are unauthorized access to a computer from
other network users. An intrusion detection system (IDS), which is built on the host OS
can be divided into two types: host-based IDS (HIDS) and a network-based IDS (NIDS).

VZ based IDS can isolate each VM on the VMM and work upon the concerned systems
without having contacts with the other. Any problem with a VM will not pose problems
for other VMs. Also, a VMM audits the hardware allocation and usage for the VMs
regularly so as to notice any abnormal changes. Still yet, the host and guest OS are fully
isolated from each other. A methodology on these bases can be noticed in Figure 3.29 [1].
 35

The above figure proposes the concept of granting IDS runs only on a highly-
privilegedVM. Notice that policies play an important role here. A policy framework can
monitor the events in different guest operating systems of different VMs by using an OS
interface library to determine which grant is secure and which is not.

It is difficult to determine which access is intrusion and which is not without some time
delay. Systems also may use access ‘logs’ to analyze which is an intrusion and which is
secure. The IDS log service is based on the OS kernel and the UNIX kernel is hard to
break; so even if a host machine is taken over by the hackers, the IDS log book remains
unaffected.

The security problems of the cloud mainly arise in the transport of the images through the
network from one location to another. The VMM must be used more effectively and
efficiently to deny any chances for the hackers.

****************
 36

References
1. Kai Hwang et al, Distributed and Cloud Computing – From Parallel Processing to the
Internet of Things, Morgan Kaufmann, Elsevier, 2012.
2. https://en.wikipedia.org/wiki/Multiplexing
3. http://cloudacademy.com/blog/container-virtualization/
4. https://en.wikipedia.org/wiki/Library_(computing)#Shared_libraries
5. https://en.wikipedia.org/wiki/Binary_translation
6. https://pubs.vmware.com/vsphere-51/topic/com.vmware.vsphere.resmgmt.doc/GUID-
C25A8823-F595-4322-BD0D-4FD5B081F877.html
7. http://searchnetworking.techtarget.com/definition/MAC-address
8. http://searchnetworking.techtarget.com/definition/port
9. https://en.wikipedia.org/wiki/Network_switch
10. https://en.wikipedia.org/wiki/Live_migration
11. http://searchunifiedcommunications.techtarget.com/definition/QoS-Quality-of-Service