Chapter 2: Infrastructure as a Service (IaaS)

Question 1

What is a Hypervisor?

Answer 1

• is a program that allows multiple OS systems to share a single hardware host, each OS appears to have the host’s resources ie: processore, memeory, nic etc all to itself

Question 2

Name and explain Type 1 Hypervisor

Answer 2

Runs directly on hardware

• More secure and more available
• Offers better performance to the guests it supports
• Requires special device drivers

Question 3

Name and explain Type 2 Hypervisor

Answer 3

Runs on top of an OS

• Leverages the OS drivers
• Often used for desktop development and testing
• More overhead

Question 4

What are the Challenges for IaaS Providers?

Answer 4

• Rapid provisioning
• Elasticity
• Isolation of different consumers
• Performance

Question 5

Definition of Virtualization

Answer 5

Virtualization is the simulation of the software and/or hardware upon which other software runs. This simulated environment is called a virtual machine (VM).

Question 6

What is the challenge of Elasticity for a Cloud?

Answer 6

• Create illusion of infinite resources

- manage data center in a cost-efficient manner

Question 7

What is the challenge Rapid Provisioning for a Cloud?

Answer 7

• Resources must be available to the consumer quickly

- No human interaction during provisioning

Question 8

Taxonomy of Virtualization

Answer 8

• Process Virtualization
• OS Virtualization
• System Virtualization

Question 9

What is the VMM?

Answer 9

Virtual machine monitor

aka Hypervisor

Question 10

Name the three types of processor instructions.

Answer 10

• Privileged instruction
• Sensitive instructions
• Unprivileged instructions

Question 11

What is the necessary condition to the processor instructions for efficient virtualization (Popek and Goldberg-Theorem)?

Answer 11

Set of sensitive instructions is a subset of the set of privileged instructions. (=Condition satisfied)

Question 12

What are the three Hardware Virtualization techniques?

Answer 12

• Full Virtualization
• Paravirtualization (OS-Assisted)
• Hardware-Assisted Virtualization

Question 13

Define Full Virtualization.

Answer 13

Full Virtualization is virtualization in which the guest operating system is unaware that it is in a virtualized environment, and therefore hardware is virtualized by the host operating system.

Question 14

Define Paravirtualisation.

Answer 14

Software Assisted Virtualization (Paravirtualization) is virtualization in which the guest operating system is aware that it is a guest. Therefore the guest source code is modified so that it avoids assistance of the VMM as far as possible.

Question 15

Define Hardware-Assisted Virtualization.

Answer 15

Hardware Assisted Virtualization has special instructions to aid the virtualization of hardware. The guest can execute privileged instructions directly on the processor without affecting the host.

Question 16

Explain Full Virtualization using Binary Translation

Answer 16

• Find critical instructions and replace them
  
  • Run unprivileged instructions directly on CPU
  • Trap and emulate privileged and sensitive instructions
  • Find critical instructions and replace with exception
• Problem: Replacement must be done at runtime

Question 17

What is the MMU

Answer 17

Memory management unit (MMU) translates logical to physical memory addresses
by lookup the page table (logical page ←→ physical page)

Question 18

What are Shadow Pages?

Answer 18

Shadow page tables solves the problem of additional memory access required to resolve address at full virtualisation. By mapping the logical pages of a process in the VM directly to the physical address.

Question 19

What are the classes of I/O devices

Answer 19

1. Dedicated devices (e.g. display, keyboard, mouse, …)
   Not shared among VMs on a very long time scale
2. Partitioned devices (e.g.disks)
   Partitions made available to VMs as dedicated devices
3. Shared devices (e.g. network adapters)
   Shared among VMs on very fine-grained time scale
4. Spooled devices (e.g.printers)
   Shared among VMs but with time higher granularity
5. Non existent physical devices e.g.virtualNICs)
   Virtual devices without physical counterpart

Question 20

What is the idea for Paravirtualization (OS-Assisted)?

Answer 20

Idea of Paravirtualization:

• Make guest OS aware that it is running in a VM
• Modify the guest source code so that it avoids assistance of the VMM as far as possible

Question 21

How does Physical Memory Management with XEN work?

Answer 21

Domain gets fraction of phys. memory at creation time

• Static partitioning among domains
• No guarantee partition is contiguous
• Hypervisor knows which domain „owns“ which pages
• Each guest (Domain) needs which Blocks to use

Question 22

How does Virtual Memory Management with XEN work?

Answer 22

Command Batching:

• Xen collects Requests and submits them with one hypercall
• > Requests are not immediately processed
• > Requires only one entry to hypervisor

Question 23

How does I/O Virtualization with XEN work?

Answer 23

• XEN itself contains specific device drivers

- I/O data transferred from guests via XEN using shared-memory, async. buffer ring

Question 24

Explain how Binary Translation works

Answer 24

1. Separate instruction sequence in translation units
2. Check unit for critical instructions and modify code
3. Modified code is stored in translation cache

Question 25

Name different levels of I/O virtualization possible

Answer 25

1. At system call level
2. At device driver level
3. At I/O operation level

Question 26

What is the requirement for Paravirtualization (OS-Assisted)?

Answer 26

Requirements for pure OS-assisted approach:
- Source code of guest operating system is available
- Modified guest OS maintains application binary interface
Most common used for device driver virtualization. e.g. XEN

Question 27

Explain the procedure of Memory Virtualization with XEN work?

Answer 27

1. Guest requests page table update via hypercall
2. XEN checks if mapping address belongs to domain
3. If ok, allows update to page table

Question 28

Explain I/O Virtualization with XEN work?

Answer 28

I/O data transferred from guests via XEN using shared-memory, async. buffer ring (circular buffer)
■ Descriptions reference guest’s memory pages

Question 29

Summary OS-Assisted Virtualization

Answer 29

Requires modified guest OS? YES
Requires hardware support? NO

+ Better performance through cooperation between hypervisor and guest OS

• Limited compatibility, not generally applicable
• Increased management overhead for data center operator, different version of OS must be maintained

Question 30

Summary of full virtualization

Answer 30

Requires modified Guest OS? YES
Requires hardware support? NO
Good approach for compute-intensive applications, because unprivileged instructions run directly on CPU

Question 31

Which Virtualization requires a modified guest OS?

Answer 31

OS-Assisted Virtualization

Question 32

Which Virtualization requires hardware support?

Answer 32

HW-Assisted Virtualization

Question 33

Performance of Full Virtualization

Answer 33

■ Good approach for compute-intensive applications
♦ Unprivileged instructions run directly on CPU
■ Degraded performance for data-intensive applications
♦ I/O requires syscallsprivileged instructions
♦ “trap and emulate” often requires context switches
♦ Context switches lead to complete flush of TLB

Question 34

Pros and Cons of OS-Assisted

Answer 34

+ Better performance through cooperation between hypervisor and guest OS

• Limited compatibility, not generally applicable
• Increased management overhead for data center operator, different version of OS must be maintained

Question 35

Pros and Cons of HW-Assisted

Answer 35

+ Improved performance even for unmodified guest OSs
+ Good adaption of 1st generation HW-support by VMMs
+ 2nd generation VMM support increasingly deployed
- Reduced flexibility due to hardware constraints (especially for 3rd generation HW support)

Question 36

First Generation of HW - Assisted Virtualization

Answer 36

Two new CPU modes: VMM runs in root mode vs. Guest OS in guest mode
VMM and guest run as “co-routines”
VMM can give CPU to guest OS (VM ENTER)
VMM can define conditions when to regain CPU (VM EXIT)
VMM uses control bits to “confine” and observe guest

Question 37

Second Generation of HW - Assisted Virtualization

Answer 37

Extended Page Tables/Nested Page Tables introduce HW support for memory virtualization
Translation lookaside buffer TBL continues to cache LA PA address translation
MMU composes LA RA and RA PA mapping at TLB fill time

Question 38

Third Generation of HW - Assisted Virtualization

Answer 38

Third generation support for virtualization focuses on I/O

Question 39

Design Focus of HW- Support: Direct Assignment

Answer 39

■ No sharing of device between several VMs
■ Guest VMs runs the unmodified device drivers
■ Goal: Efficient I/O without VMM intervention
■ Challenge: VMM must still ensure correctness & isolation

Question 40

Desired property: Live migration

Answer 40

■ No shutdown of the virtual machine
■ No disruption of the service
■ Minimal impact for the user
Minimize downtime and total migration time

Question 41

Strategies for Memory Migration

Answer 41

1. Push phase
   ■ Source VM continues running, sends pages to destination ■ Memory must potentially be sent multiple times Minimum downtime, potentially long migration time
2. Stop-and-copy phase
   ■ Source VM stopped, pages copied to destination VM
   ■ Destination VM is started after having received all pages Short overall migration time, long downtime
3. Pull phase
   ■ Execute new VM, pull accessed pages from source Performance depends on number of page faults

Question 42

Resource Distribution among VMs

Answer 42

Storage space: statically partitioned
■ Each VM typically receives predefined fraction of disk
Main memory: statically partitioned
■ Each VM typically receives predefined fraction of RAM
CPU: Different methods possible
■ Pinning: Each VM is statically assigned CPU (cores)
■ Scheduling: VMM dynamically assigns time slots to VMs
I/O Access: Typically FCFS, see XEN ring buffer
■ More sophisticated methods subject to research!

Question 43

What means Virtual Machine Migration

Answer 43

Move VM from one physical host to another

Question 44

define shadow page tables? what does they do?

Answer 44

Shadow page tables solves the problem of additional memory access required to resolve address at full virtualisation. By mapping the logical pages of a process in the VM directly to the physical address.