SlideShare ist ein Scribd-Unternehmen logo

Cloud Computing Virtualization and Containers Guide

Selvaraj Kesavan
Selvaraj Kesavan

Virtualization and docker concepts

Technologie
1 von 33
Downloaden Sie, um offline zu lesen
CLOUD COMPUTING- VIRTUALIZATION AND CONTAINERS Dr.Selvaraj Kesavan
Contents - Virtualization 2  Virtualization  Types of Virtualization and Advantages  x86 Hardware Virtualizations  Virtualization Issues  Dockers
Cloud Computing - Enablers 3  Virtualization  Web 2.0 and social networking  Web Scaling  Hardware costs  Evolution of high speed communication technologies
Virtualization 4  A virtual machine (VM) is a software implementation of a machine (for example, a computer) that executes programs like a physical machine  Each VM is fully protected and isolated copy of physical machine. It is used to share the expensive hardware which helped to reduce costs and also helped to improve the productivity as many users can concurrently used the same hardware Cloud Resource Virtualization  System security, as it allows isolation of services running on the same hardware.  Performance and reliability, as it allows applications to migrate from one platform to another.  The development and management of services offered by a provider.  Performance isolation
Virtualization 5 • Traditional environment • 50 applications, DB’s require multiple machines based on Architecture /platform • High infrastructure and hardware cost • Increasing complexity and High maintenance • Multiple development environment • Virtualization • Isolation & encapsulation • Scalability • Containers • software technology providing additional layer of abstraction and over OS virtualization. • Build once and deploy many times.
Virtualization Interfaces 6 Instruction Set Architecture (ISA)  Boundary between hardware and software. Application Binary Interface (ABI)  regulates the inter-operation of binary code and development tools in architecture-based execution environments  objects produced by the toolchain can work together with object libraries from different producers  Application and the library modules to access the hardware;  ABI does not include privileged system instructions, instead it invokes system calls. Application Program Interface (API)  Set of instructions the hardware was designed to execute and gives the application access to the ISA;  Includes HLL library calls which often invoke system calls.
Virtualization 7  Application Programming Interface, Application Binary Interface, and Instruction Set Architecture .  An application uses library functions (A1), makes system calls (A2), and executes machine instructions (A3).
Virtualization - Types 8 • Hardware Virtualization (system Virtualization) • Guest running on the top of hardware • Guest - operating system, Host -Physical computer hardware • Virtual machine Manager(Hypervisor) allows the abstraction of the underlying physical hardware • It is program or a combination of software and hardware • Provides direct ISA mapping to Virtual machines • Type 1 (bare metal) and Type 2 (on OS) Hypervisor • Hardware Assisted (Xen,VMWare) Full and Paravirtualization (Xen,VMWare, Wind River). • OS Virtualization (Process Virtualization) • Create different and separated execution environments for applications concurrently. • OS kernel allows for multiple isolated user space instances. • Directly use OS calls without emulation • Ex: Containers, • Key building block in IaaS • Programming language-level virtualization
Virtualization – Classification (Based on Usage) 9 • Server virtualization • Abstracts the physical machine on which the software and operating system is running on and provides an illusion that the software is running on a virtual machine. • Enables Infrastructure as a service model. • VMware, Microsoft Hyper-V, Red Hat KVM and Citrix Xen • Storage virtualization • Uses virtualization to enable better functionality and more advanced features in computer data storage systems. • It can be defined as technique to abstract physical storage system from user’s application and presented as logical entities hiding the complexities of accessing them. • It enables Storage as a service model. • RAID array can sometimes be considered a type of storage virtualization. Multiple physical disks in the array are presented to the user as a single storage device that, in the background, replicates data to multiple disks in case of a single disk failure
Virtualization – Classification (Based on Usage) 10 • Need for Server virtualization • In the case of server consolidation, many small physical servers are replaced by one larger physical server to increase the utilization of costly hardware resources such as CPU. • Consolidating servers can also have the added benefit of reducing energy consumption. • A virtual machine can be more easily controlled and inspected from outside than a physical one, and its configuration is more flexible. • A new virtual machine can be provisioned as needed without the need for an up-front hardware purchase. • A virtual machine can easily be relocated from one physical machine to another as needed. • Need for Storage virtualization  Manage heterogeneous storage environments
Elements of Hardware (System)Virtualization 11 • Guest OS • Software installed on either a virtual machine (VM) or partitioned disk that describes an operating system that is different than the host operating system • Virtual Machine Monitor (VMM) or hypervisor • Hypervisor is an efficient Virtual Machine Manager (VMM) that is designed from the ground up to run multiple high performant VMs • Host OS • Software installed on a computer that interacts with the underlying hardware and is usually used to describe an operating system used in a virtualized server
Virtual Machine Monitor (VMM) or Hypervisor 12 • Multiple services to share the same platform. • Live migration - the movement of a server from one platform to another. • System modification while maintaining backward compatibility with the original system. • Enforces isolation among the systems, thus security. • Traps the privileged instructions executed by a guest OS and enforces the correctness and safety of the operation. • Traps interrupts and dispatches them to the individual guest operating systems. • Controls the virtual memory management • Maintains a shadow page table for each guest OS and replicates any modification made by the guest OS in its own shadow page table. • This shadow page table points to the actual page frame and it is used by the Memory Management Unit (MMU) for dynamic address translation. • Monitors the system performance and takes corrective actions to avoid performance degradation. For example, the VMM may swap out a Virtual Machine to avoid thrashing.
Virtual Machine Monitor (VMM) or Hypervisor 13 • Partitioning Kernel ▪ “Partition” is isolation boundary ▪ Few virtualization functions; relies on virtualization stack • Very thin layer of software ▪ Microkernel ▪ Highly reliable ▪ Basis for smaller Trusted Computing Base (TCB) • No device drivers ▪ Drivers run in a partition • Well-defined interface ▪ Allow others to create support for their OSes as guests
Virtual Machine Monitor (VMM) or Hypervisor 14 Monolithic and Microkernel hypervisor:  Single kernel  Simple kernel with partitioning functionality
Virtual Machine Monitor (VMM) or Hypervisor 15 Basic Functionalities of Hypervisors  CPU sharing –  virtual view of CPU to VMs (vCPU)  VMM or Hypervisor allots CPU to different VMs  Share Memory  Application access memory via Kernel and Hypervisor  Virtual Machines two level of indirection maintained by VMM  I/O Share  Guest kernel to convey an arbitrary location to device for writing  Each device defines its own protocol for talking to drivers  virtual device is substituted for its physical equivalent
Types of Hypervisors 16  Native hypervisor (Bare metal)  Native hypervisor run directly on top of physical hardware providing the features like IO etc required by the applications.  Hosted hypervisor  Hosted hypervisors runs on top of operating system and uses features of operating system.  Hosted hypervisors run on top of an existing OS and leverage the features of the underlying OS.  Virtual machines run on top of the hosted hypervisor, which runs on top of an existing OS.  Hybrid hypervisor.  Hybrid hypervisors runs directly on top of hardware and uses features of operating system.
Native hypervisor (Bare metal) 17 Native Hypervisor Hosted Hypervisor Hybrid Hypervisor
Techniques for Hypervisors- Full and Para Virtualization 18  Full virtualization  Guest OS can run unchanged under the VMM as if it was running directly on the hardware platform.  Hypervisor provides complete abstraction, and the guest OSes don't know -- or care -- about the presence of a hypervisor.  VM manager to translate back and forth between physical and virtual resources, like CPUs and memory spaces  Requires a virtualizable architecture.  Examples: Vmware.  Paravirtualization  Guest operating system is modified to use only instructions that can be virtualized.  allowing an OS to actually recognize the presence of a hypervisor and communicate directly with that hypervisor to share activity that would otherwise be complex and time-consuming for the hypervisor's VM manager to handle  Guest VM OSes must be modified or adapted to implement an API capable of exchanging hypercalls with the paravirtualization hypervisor  Reasons for paravirtualization:  Some aspects of the hardware cannot be virtualized.  Improved performance.
Techniques for Hypervisors 19 Trap and emulate virtualization  When CPU is running in user mode, some internal or external events, which need to be handled in kernel mode, take place.  Then CPU will jump to hardware exception handler vector, and execute system operations in kernel mode. Ex: System Call  Invoked by application in user mode.  For example, application ask OS for system IO. Hardware Interrupts  Invoked by some hardware events in any mode.  For example, hardware clock timer trigger event. Exception  Invoked when unexpected error or system malfunction occur.  For example, execute privilege instructions in user mode.
Techniques for Hypervisors 20 To make CPU virtualization to be efficient  We should make guest binaries run on CPU as fast as possible.  Theoretically, run all guest binaries natively, there will NO overhead at all.  But we cannot let guest OS handle everything, VMM should be able to control all hardware resources. Solution : Ring Compression  Shift traditional OS from kernel mode(Ring 0) to user mode(Ring 1), and run VMM in kernel mode.  Then VMM will be able to intercept all trapping event.
Techniques for Hypervisors 21  Guests continue execution until they try to access a shared physical resource of the hardware (such as an I/O device), or an interrupt is received.  When this happens, the hypervisor regains control and mediates access to the hardware, or handles the interrupt  privilege level or protection ring  x86 privilege levels, the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do  0 (most privileged) to 3 (least privileged)  All user code runs in ring 3 and all kernel code runs in ring 0  If the guest tries to access a protected resource, such as an I/O device, an interrupt takes place, and the hypervisor regains control. The hypervisor then emulates the I/O operation for the guest.
22 Trap and Emulate Model  Let normal instructions of guest OS run directly on processor in user mode.  When executing privileged instructions, hardware will make processor trap into the VMM.  The VMM emulates the effect of the privileged instructions for the guest OS and return to guest.
23 Trap and Emulate Model • VMM and Guest OS :  System Call • CPU will trap to interrupt handler vector of VMM. • VMM jump back into guest OS.  Hardware Interrupt • Hardware make CPU trap to interrupt handler of VMM. • VMM jump to corresponding interrupt handler of guest OS.  Privilege Instruction • Running privilege instructions in guest OS will be trapped to VMM for instruction emulation. • After emulation, VMM jump back to guest OS.
24 Trap and Emulate Model  Limitations:  Some amount of performance overhead incurred due to this technique  Not all architectures are suitable for implementing trap and emulate virtualization.  Some commands executed in privilege mode to non privilege mode using the classical trap and emulate technique will not serve the purpose  Binary translation  Hypervisor includes a binary translator which replaces the sensitive instructions by equivalent non-sensitive instructions at run-time, and leaves non-sensitive instructions unchanged  Paravirtualization:  The guest is modified (re-written) not to use the sensitive instruction, but to directly invoke hypervisor APIs
Hardware Support for Virtualization 25  Intel and AMD created new processor extensions to support virtualization in the hardware  VT-x, an Intel technology that helps virtualize Intel x86 processors  Extended Page Tables (EPT) which helps virtualize memory  VT-d, a technology to assist in the virtualization of I/O  VMX root operation and VMX non-root operation  Hypervisors are intended to execute in VMX root operation, which is almost identical to normal execution in earlier x86 processors without VT-x.  Guests execute in VMX non-root operation, which has been defined to help support virtualization.
Virtualization- Advantages 26 • Multiple OS environments can co-exist on the same primary hard drive. Regardless of the system, all files are stored on the hard drive of the host OS. • Application provisioning, maintenance, high availability and disaster recovery are inherent in the virtual machine software selected. • Can provide emulated hardware environments different from the host's instruction set architecture (ISA), through emulation or by using just-in-time compilation.
Virtualization- Limitations 27 • A virtual machine is less efficient than an actual machine when it accesses the host hard drive indirectly. • When multiple VMs are concurrently running on the hard drive of the actual host, adjunct virtual machines may exhibit a varying and/or unstable performance (speed of execution and malware protection). This depends on the data load imposed on the system by other VMs, unless the selected VM software provides temporal isolation among virtual machines. • Malware protections for VMs are not necessarily compatible with the "host", and may require separate software.
Container 28 • Containers and VMs • To isolate an application and its dependencies into a self-contained unit that can run anywhere • Remove the need for physical hardware, allowing for more efficient use of computing resources, both in terms of energy consumption and cost effectiveness. • Containers • virtualize at the operating system level, with multiple containers running atop the OS kernel directly • container provides operating-system-level virtualization by abstracting the “user space” • ability to create predictable environments that are isolated from other applications • run virtually anywhere, greatly easing development and deployment • virtualize CPU, memory, storage, and network resources at the OS-level, providing developers with a sandboxed view of the OS logically isolated from other applications. • Ex: Docker, LXC, Kubernetes, FreeBSD Jails etc..
Docker 29 • Provide a uniformed wrapper around a software package • Build, Ship and Run Any App, Anywhere • Virtualization of application instead of hardware • Runs on top of the core OS (Linux or Windows) • Doesn’t require dedicated CPU, Memory, Network —managed by core OS • Similar to shipping containers: The container is always the same, regardless of the contents and thus fits on all trucks, cranes, ships • Docker • Containerization platform that packages your application and all its dependencies together in the form of a docker container to ensure that your application works seamlessly in any environment • Docker Container • Standardized unit which can be created on the fly to deploy a particular application or environment  Docker Engine • Docker application that is installed on your host machine. It works like a client-server application which uses [www.docker.com]
Docker 30 • Docker Image • Template which is used to create Docker Containers. They are the building blocks of a Docker Container • Docker Registry • Docker Images are stored. The Registry can be either a user’s local repository or a public repository like a Docker Hub • Docker Architecture  Docker client - trigger Docker commands,  Docker Host – running the Docker Daemon  Docker Registry – storing Docker Images.  The Docker Daemon running within Docker Host is responsible for the images and containers
Docker Vs VM 31  Virtual Machines are slow and take a lot of time to boot.  Containers are fast and boots quickly as it uses host operating system and shares the relevant libraries.  Containers do not waste or block host resources unlike virtual machines.  Containers have isolated libraries and binaries specific to the application they are running.  Containers are handled by Containerization engine.  Docker is one of the containerization platforms which can be used to create and run containers  Consistent runtime environment, Application sandboxing, low overhead, occupies less disk size and resource saving
Summary 32  Virtualization – System and Process  VMM or Hypervisor  Guest OS and Host OS  API,ABI and ISA  Trap and Emulate, Binary Translation, Full, Paravirtualization  Docker Container
Thank You 33

Empfohlen

Internet of things
Internet of thingsInternet of things
Internet of thingsSelvaraj Kesavan
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewSelvaraj Kesavan
 
Quiz 1 cloud computing
Quiz 1 cloud computing Quiz 1 cloud computing
Quiz 1 cloud computing Lahore Garrison University
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centersbega karadza
 
Why Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformWhy Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformNet at Work
 
Platform as a Service
Platform as a ServicePlatform as a Service
Platform as a ServiceAshok Kumar
 
Understanding the cloud computing stack
Understanding the cloud computing stackUnderstanding the cloud computing stack
Understanding the cloud computing stackSatish Chavan
 
Virtual machine security
Virtual machine securityVirtual machine security
Virtual machine securityJacob Zvirikuzhe
 

Empfohlen

Internet of things
Internet of thingsInternet of things
Internet of thingsSelvaraj Kesavan
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewSelvaraj Kesavan
 
Quiz 1 cloud computing
Quiz 1 cloud computing Quiz 1 cloud computing
Quiz 1 cloud computing Lahore Garrison University
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centersbega karadza
 
Why Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformWhy Cloud Computing Matters: The NetSuite Platform
Why Cloud Computing Matters: The NetSuite PlatformNet at Work
 
Platform as a Service
Platform as a ServicePlatform as a Service
Platform as a ServiceAshok Kumar
 
Understanding the cloud computing stack
Understanding the cloud computing stackUnderstanding the cloud computing stack
Understanding the cloud computing stackSatish Chavan
 
Virtual machine security
Virtual machine securityVirtual machine security
Virtual machine securityJacob Zvirikuzhe
 
Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesAditi Shrivastava
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computingNitish Awasthi (anitish_225)
 
Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 E B
 
Virtualization
VirtualizationVirtualization
VirtualizationKingston Smiler
 
Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)johndorian555
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud ComputingJosh Folgado
 
Microsoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMicrosoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMd Yousup Faruqu
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
IntroductorytocomputingAnne Starr
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar reportSKS
 
Cloud
CloudCloud
CloudBastin Rogers
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization SecurityRubal Sagwal
 
Virtualization and how it leads to cloud
Virtualization and how it leads to cloudVirtualization and how it leads to cloud
Virtualization and how it leads to cloudHuzefa Husain
 
Virtualization Security Risks
Virtualization Security RisksVirtualization Security Risks
Virtualization Security RisksTommy Tracx Xaypanya
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingVipin Batra
 
Cloud presentation NELA
Cloud presentation NELACloud presentation NELA
Cloud presentation NELAEdward Iglesias
 
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET Journal
 
Virtualization
VirtualizationVirtualization
VirtualizationSrisailam Reddy Kanapuram
 
Private Compute-as-a-Service
Private Compute-as-a-ServicePrivate Compute-as-a-Service
Private Compute-as-a-ServiceKeao Caindec
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hostingtechzimslides
 
Cloud computing
Cloud computingCloud computing
Cloud computingSriharsha Koritala
 
Virtualization and cloud Computing
Virtualization and cloud ComputingVirtualization and cloud Computing
Virtualization and cloud ComputingRishikese MR
 
Virtualization in Cloud Computing
Virtualization in Cloud ComputingVirtualization in Cloud Computing
Virtualization in Cloud ComputingPyingkodi Maran
 

Weitere ähnliche Inhalte

Was ist angesagt?

Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesAditi Shrivastava
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computingNitish Awasthi (anitish_225)
 
Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 E B
 
Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)johndorian555
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud ComputingJosh Folgado
 
Microsoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMicrosoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMd Yousup Faruqu
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
IntroductorytocomputingAnne Starr
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar reportSKS
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization SecurityRubal Sagwal
 
Virtualization and how it leads to cloud
Virtualization and how it leads to cloudVirtualization and how it leads to cloud
Virtualization and how it leads to cloudHuzefa Husain
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingVipin Batra
 
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET Journal
 
Private Compute-as-a-Service
Private Compute-as-a-ServicePrivate Compute-as-a-Service
Private Compute-as-a-ServiceKeao Caindec
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hostingtechzimslides
 

Was ist angesagt? (20)

Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization services
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computing
 
Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04 Earthlink introduction and its overview eb 01-16-04
Earthlink introduction and its overview eb 01-16-04
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)Infrastructure as a service (iaa s)
Infrastructure as a service (iaa s)
 
Virtualization and Cloud Computing
Virtualization and Cloud ComputingVirtualization and Cloud Computing
Virtualization and Cloud Computing
 
Microsoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private CloudMicrosoft Server Virtualization and Private Cloud
Microsoft Server Virtualization and Private Cloud
 
Introductorytocomputing
IntroductorytocomputingIntroductorytocomputing
Introductorytocomputing
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar report
 
Cloud
CloudCloud
Cloud
 
Cloud and Virtualization Security
Cloud and Virtualization SecurityCloud and Virtualization Security
Cloud and Virtualization Security
 
Virtualization and how it leads to cloud
Virtualization and how it leads to cloudVirtualization and how it leads to cloud
Virtualization and how it leads to cloud
 
Virtualization Security Risks
Virtualization Security RisksVirtualization Security Risks
Virtualization Security Risks
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Cloud presentation NELA
Cloud presentation NELACloud presentation NELA
Cloud presentation NELA
 
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
IRJET- A Survey on Virtualization and Attacks on Virtual Machine Monitor (VMM)
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Private Compute-as-a-Service
Private Compute-as-a-ServicePrivate Compute-as-a-Service
Private Compute-as-a-Service
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hosting
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Ähnlich wie Cloud Computing Virtualization and Containers Guide

Virtualization and cloud Computing
Virtualization and cloud ComputingVirtualization and cloud Computing
Virtualization and cloud ComputingRishikese MR
 
Virtualization in Cloud Computing
Virtualization in Cloud ComputingVirtualization in Cloud Computing
Virtualization in Cloud ComputingPyingkodi Maran
 
Unit 3 Virtualization.pdf
Unit 3 Virtualization.pdfUnit 3 Virtualization.pdf
Unit 3 Virtualization.pdfPrachiKurhade3
 
Cloud Computing using virtulization
Cloud Computing using virtulizationCloud Computing using virtulization
Cloud Computing using virtulizationAJIT NEGI
 
Virtualization unit 3.pptx
Virtualization unit 3.pptxVirtualization unit 3.pptx
Virtualization unit 3.pptxBinod Rimal
 
Chap 2 virtulizatin
Chap 2 virtulizatinChap 2 virtulizatin
Chap 2 virtulizatinRaj Sarode
 
Lecture5 virtualization
Lecture5 virtualizationLecture5 virtualization
Lecture5 virtualizationhktripathy
 
lecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptxlecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptxAnilkumarbehera16
 
Unit-3-Virtualization.pptx
Unit-3-Virtualization.pptxUnit-3-Virtualization.pptx
Unit-3-Virtualization.pptxSupriyaPeerapur
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfkhan593595
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfkhan593595
 
Virtualization.pptx
Virtualization.pptxVirtualization.pptx
Virtualization.pptxSenthil Vit
 
Virtualization
VirtualizationVirtualization
Virtualizationvishnurk
 
A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2Krishna Kumar Singh
 
6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptx6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptxAnsarHasas1
 

Ähnlich wie Cloud Computing Virtualization and Containers Guide (20)

Virtualization and cloud Computing
Virtualization and cloud ComputingVirtualization and cloud Computing
Virtualization and cloud Computing
 
Virtualization in Cloud Computing
Virtualization in Cloud ComputingVirtualization in Cloud Computing
Virtualization in Cloud Computing
 
Unit 3 Virtualization.pdf
Unit 3 Virtualization.pdfUnit 3 Virtualization.pdf
Unit 3 Virtualization.pdf
 
Cloud Computing using virtulization
Cloud Computing using virtulizationCloud Computing using virtulization
Cloud Computing using virtulization
 
Virtualization unit 3.pptx
Virtualization unit 3.pptxVirtualization unit 3.pptx
Virtualization unit 3.pptx
 
Chap 2 virtulizatin
Chap 2 virtulizatinChap 2 virtulizatin
Chap 2 virtulizatin
 
Lecture5 virtualization
Lecture5 virtualizationLecture5 virtualization
Lecture5 virtualization
 
Live VM Migration
Live VM MigrationLive VM Migration
Live VM Migration
 
lecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptxlecture5-virtualization-190301171613.pptx
lecture5-virtualization-190301171613.pptx
 
Unit-3-Virtualization.pptx
Unit-3-Virtualization.pptxUnit-3-Virtualization.pptx
Unit-3-Virtualization.pptx
 
1 (3).pptx
1 (3).pptx1 (3).pptx
1 (3).pptx
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdf
 
CloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdfCloudComputing_UNIT 2.pdf
CloudComputing_UNIT 2.pdf
 
Virtualization.pptx
Virtualization.pptxVirtualization.pptx
Virtualization.pptx
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Virtualizaiton-3.pptx
Virtualizaiton-3.pptxVirtualizaiton-3.pptx
Virtualizaiton-3.pptx
 
Virtualization
VirtualizationVirtualization
Virtualization
 
A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2A510840101 24982 23_2020_lecture_2
A510840101 24982 23_2020_lecture_2
 
1 virtualization
1 virtualization1 virtualization
1 virtualization
 
6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptx6-Virtualizaiton-6.pptx
6-Virtualizaiton-6.pptx
 

Mehr von Selvaraj Kesavan

Role of cloud and analytics in IoT
Role of cloud and analytics in IoTRole of cloud and analytics in IoT
Role of cloud and analytics in IoTSelvaraj Kesavan
 
Cloud computing aws -key services
Cloud computing aws -key servicesCloud computing aws -key services
Cloud computing aws -key servicesSelvaraj Kesavan
 

Mehr von Selvaraj Kesavan (6)

Analytics&IoT
Analytics&IoTAnalytics&IoT
Analytics&IoT
 
Role of cloud and analytics in IoT
Role of cloud and analytics in IoTRole of cloud and analytics in IoT
Role of cloud and analytics in IoT
 
Cloud computing aws -key services
Cloud computing aws -key servicesCloud computing aws -key services
Cloud computing aws -key services
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Gstreamer internals
Gstreamer internalsGstreamer internals
Gstreamer internals
 
Multimedia streaming
Multimedia streamingMultimedia streaming
Multimedia streaming
 

Kürzlich hochgeladen

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Kürzlich hochgeladen (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

Cloud Computing Virtualization and Containers Guide

  • 1. CLOUD COMPUTING- VIRTUALIZATION AND CONTAINERS Dr.Selvaraj Kesavan
  • 2. Contents - Virtualization 2  Virtualization  Types of Virtualization and Advantages  x86 Hardware Virtualizations  Virtualization Issues  Dockers
  • 3. Cloud Computing - Enablers 3  Virtualization  Web 2.0 and social networking  Web Scaling  Hardware costs  Evolution of high speed communication technologies
  • 4. Virtualization 4  A virtual machine (VM) is a software implementation of a machine (for example, a computer) that executes programs like a physical machine  Each VM is fully protected and isolated copy of physical machine. It is used to share the expensive hardware which helped to reduce costs and also helped to improve the productivity as many users can concurrently used the same hardware Cloud Resource Virtualization  System security, as it allows isolation of services running on the same hardware.  Performance and reliability, as it allows applications to migrate from one platform to another.  The development and management of services offered by a provider.  Performance isolation
  • 5. Virtualization 5 • Traditional environment • 50 applications, DB’s require multiple machines based on Architecture /platform • High infrastructure and hardware cost • Increasing complexity and High maintenance • Multiple development environment • Virtualization • Isolation & encapsulation • Scalability • Containers • software technology providing additional layer of abstraction and over OS virtualization. • Build once and deploy many times.
  • 6. Virtualization Interfaces 6 Instruction Set Architecture (ISA)  Boundary between hardware and software. Application Binary Interface (ABI)  regulates the inter-operation of binary code and development tools in architecture-based execution environments  objects produced by the toolchain can work together with object libraries from different producers  Application and the library modules to access the hardware;  ABI does not include privileged system instructions, instead it invokes system calls. Application Program Interface (API)  Set of instructions the hardware was designed to execute and gives the application access to the ISA;  Includes HLL library calls which often invoke system calls.
  • 7. Virtualization 7  Application Programming Interface, Application Binary Interface, and Instruction Set Architecture .  An application uses library functions (A1), makes system calls (A2), and executes machine instructions (A3).
  • 8. Virtualization - Types 8 • Hardware Virtualization (system Virtualization) • Guest running on the top of hardware • Guest - operating system, Host -Physical computer hardware • Virtual machine Manager(Hypervisor) allows the abstraction of the underlying physical hardware • It is program or a combination of software and hardware • Provides direct ISA mapping to Virtual machines • Type 1 (bare metal) and Type 2 (on OS) Hypervisor • Hardware Assisted (Xen,VMWare) Full and Paravirtualization (Xen,VMWare, Wind River). • OS Virtualization (Process Virtualization) • Create different and separated execution environments for applications concurrently. • OS kernel allows for multiple isolated user space instances. • Directly use OS calls without emulation • Ex: Containers, • Key building block in IaaS • Programming language-level virtualization
  • 9. Virtualization – Classification (Based on Usage) 9 • Server virtualization • Abstracts the physical machine on which the software and operating system is running on and provides an illusion that the software is running on a virtual machine. • Enables Infrastructure as a service model. • VMware, Microsoft Hyper-V, Red Hat KVM and Citrix Xen • Storage virtualization • Uses virtualization to enable better functionality and more advanced features in computer data storage systems. • It can be defined as technique to abstract physical storage system from user’s application and presented as logical entities hiding the complexities of accessing them. • It enables Storage as a service model. • RAID array can sometimes be considered a type of storage virtualization. Multiple physical disks in the array are presented to the user as a single storage device that, in the background, replicates data to multiple disks in case of a single disk failure
  • 10. Virtualization – Classification (Based on Usage) 10 • Need for Server virtualization • In the case of server consolidation, many small physical servers are replaced by one larger physical server to increase the utilization of costly hardware resources such as CPU. • Consolidating servers can also have the added benefit of reducing energy consumption. • A virtual machine can be more easily controlled and inspected from outside than a physical one, and its configuration is more flexible. • A new virtual machine can be provisioned as needed without the need for an up-front hardware purchase. • A virtual machine can easily be relocated from one physical machine to another as needed. • Need for Storage virtualization  Manage heterogeneous storage environments
  • 11. Elements of Hardware (System)Virtualization 11 • Guest OS • Software installed on either a virtual machine (VM) or partitioned disk that describes an operating system that is different than the host operating system • Virtual Machine Monitor (VMM) or hypervisor • Hypervisor is an efficient Virtual Machine Manager (VMM) that is designed from the ground up to run multiple high performant VMs • Host OS • Software installed on a computer that interacts with the underlying hardware and is usually used to describe an operating system used in a virtualized server
  • 12. Virtual Machine Monitor (VMM) or Hypervisor 12 • Multiple services to share the same platform. • Live migration - the movement of a server from one platform to another. • System modification while maintaining backward compatibility with the original system. • Enforces isolation among the systems, thus security. • Traps the privileged instructions executed by a guest OS and enforces the correctness and safety of the operation. • Traps interrupts and dispatches them to the individual guest operating systems. • Controls the virtual memory management • Maintains a shadow page table for each guest OS and replicates any modification made by the guest OS in its own shadow page table. • This shadow page table points to the actual page frame and it is used by the Memory Management Unit (MMU) for dynamic address translation. • Monitors the system performance and takes corrective actions to avoid performance degradation. For example, the VMM may swap out a Virtual Machine to avoid thrashing.
  • 13. Virtual Machine Monitor (VMM) or Hypervisor 13 • Partitioning Kernel ▪ “Partition” is isolation boundary ▪ Few virtualization functions; relies on virtualization stack • Very thin layer of software ▪ Microkernel ▪ Highly reliable ▪ Basis for smaller Trusted Computing Base (TCB) • No device drivers ▪ Drivers run in a partition • Well-defined interface ▪ Allow others to create support for their OSes as guests
  • 14. Virtual Machine Monitor (VMM) or Hypervisor 14 Monolithic and Microkernel hypervisor:  Single kernel  Simple kernel with partitioning functionality
  • 15. Virtual Machine Monitor (VMM) or Hypervisor 15 Basic Functionalities of Hypervisors  CPU sharing –  virtual view of CPU to VMs (vCPU)  VMM or Hypervisor allots CPU to different VMs  Share Memory  Application access memory via Kernel and Hypervisor  Virtual Machines two level of indirection maintained by VMM  I/O Share  Guest kernel to convey an arbitrary location to device for writing  Each device defines its own protocol for talking to drivers  virtual device is substituted for its physical equivalent
  • 16. Types of Hypervisors 16  Native hypervisor (Bare metal)  Native hypervisor run directly on top of physical hardware providing the features like IO etc required by the applications.  Hosted hypervisor  Hosted hypervisors runs on top of operating system and uses features of operating system.  Hosted hypervisors run on top of an existing OS and leverage the features of the underlying OS.  Virtual machines run on top of the hosted hypervisor, which runs on top of an existing OS.  Hybrid hypervisor.  Hybrid hypervisors runs directly on top of hardware and uses features of operating system.
  • 17. Native hypervisor (Bare metal) 17 Native Hypervisor Hosted Hypervisor Hybrid Hypervisor
  • 18. Techniques for Hypervisors- Full and Para Virtualization 18  Full virtualization  Guest OS can run unchanged under the VMM as if it was running directly on the hardware platform.  Hypervisor provides complete abstraction, and the guest OSes don't know -- or care -- about the presence of a hypervisor.  VM manager to translate back and forth between physical and virtual resources, like CPUs and memory spaces  Requires a virtualizable architecture.  Examples: Vmware.  Paravirtualization  Guest operating system is modified to use only instructions that can be virtualized.  allowing an OS to actually recognize the presence of a hypervisor and communicate directly with that hypervisor to share activity that would otherwise be complex and time-consuming for the hypervisor's VM manager to handle  Guest VM OSes must be modified or adapted to implement an API capable of exchanging hypercalls with the paravirtualization hypervisor  Reasons for paravirtualization:  Some aspects of the hardware cannot be virtualized.  Improved performance.
  • 19. Techniques for Hypervisors 19 Trap and emulate virtualization  When CPU is running in user mode, some internal or external events, which need to be handled in kernel mode, take place.  Then CPU will jump to hardware exception handler vector, and execute system operations in kernel mode. Ex: System Call  Invoked by application in user mode.  For example, application ask OS for system IO. Hardware Interrupts  Invoked by some hardware events in any mode.  For example, hardware clock timer trigger event. Exception  Invoked when unexpected error or system malfunction occur.  For example, execute privilege instructions in user mode.
  • 20. Techniques for Hypervisors 20 To make CPU virtualization to be efficient  We should make guest binaries run on CPU as fast as possible.  Theoretically, run all guest binaries natively, there will NO overhead at all.  But we cannot let guest OS handle everything, VMM should be able to control all hardware resources. Solution : Ring Compression  Shift traditional OS from kernel mode(Ring 0) to user mode(Ring 1), and run VMM in kernel mode.  Then VMM will be able to intercept all trapping event.
  • 21. Techniques for Hypervisors 21  Guests continue execution until they try to access a shared physical resource of the hardware (such as an I/O device), or an interrupt is received.  When this happens, the hypervisor regains control and mediates access to the hardware, or handles the interrupt  privilege level or protection ring  x86 privilege levels, the mechanism whereby the OS and CPU conspire to restrict what user-mode programs can do  0 (most privileged) to 3 (least privileged)  All user code runs in ring 3 and all kernel code runs in ring 0  If the guest tries to access a protected resource, such as an I/O device, an interrupt takes place, and the hypervisor regains control. The hypervisor then emulates the I/O operation for the guest.
  • 22. 22 Trap and Emulate Model  Let normal instructions of guest OS run directly on processor in user mode.  When executing privileged instructions, hardware will make processor trap into the VMM.  The VMM emulates the effect of the privileged instructions for the guest OS and return to guest.
  • 23. 23 Trap and Emulate Model • VMM and Guest OS :  System Call • CPU will trap to interrupt handler vector of VMM. • VMM jump back into guest OS.  Hardware Interrupt • Hardware make CPU trap to interrupt handler of VMM. • VMM jump to corresponding interrupt handler of guest OS.  Privilege Instruction • Running privilege instructions in guest OS will be trapped to VMM for instruction emulation. • After emulation, VMM jump back to guest OS.
  • 24. 24 Trap and Emulate Model  Limitations:  Some amount of performance overhead incurred due to this technique  Not all architectures are suitable for implementing trap and emulate virtualization.  Some commands executed in privilege mode to non privilege mode using the classical trap and emulate technique will not serve the purpose  Binary translation  Hypervisor includes a binary translator which replaces the sensitive instructions by equivalent non-sensitive instructions at run-time, and leaves non-sensitive instructions unchanged  Paravirtualization:  The guest is modified (re-written) not to use the sensitive instruction, but to directly invoke hypervisor APIs
  • 25. Hardware Support for Virtualization 25  Intel and AMD created new processor extensions to support virtualization in the hardware  VT-x, an Intel technology that helps virtualize Intel x86 processors  Extended Page Tables (EPT) which helps virtualize memory  VT-d, a technology to assist in the virtualization of I/O  VMX root operation and VMX non-root operation  Hypervisors are intended to execute in VMX root operation, which is almost identical to normal execution in earlier x86 processors without VT-x.  Guests execute in VMX non-root operation, which has been defined to help support virtualization.
  • 26. Virtualization- Advantages 26 • Multiple OS environments can co-exist on the same primary hard drive. Regardless of the system, all files are stored on the hard drive of the host OS. • Application provisioning, maintenance, high availability and disaster recovery are inherent in the virtual machine software selected. • Can provide emulated hardware environments different from the host's instruction set architecture (ISA), through emulation or by using just-in-time compilation.
  • 27. Virtualization- Limitations 27 • A virtual machine is less efficient than an actual machine when it accesses the host hard drive indirectly. • When multiple VMs are concurrently running on the hard drive of the actual host, adjunct virtual machines may exhibit a varying and/or unstable performance (speed of execution and malware protection). This depends on the data load imposed on the system by other VMs, unless the selected VM software provides temporal isolation among virtual machines. • Malware protections for VMs are not necessarily compatible with the "host", and may require separate software.
  • 28. Container 28 • Containers and VMs • To isolate an application and its dependencies into a self-contained unit that can run anywhere • Remove the need for physical hardware, allowing for more efficient use of computing resources, both in terms of energy consumption and cost effectiveness. • Containers • virtualize at the operating system level, with multiple containers running atop the OS kernel directly • container provides operating-system-level virtualization by abstracting the “user space” • ability to create predictable environments that are isolated from other applications • run virtually anywhere, greatly easing development and deployment • virtualize CPU, memory, storage, and network resources at the OS-level, providing developers with a sandboxed view of the OS logically isolated from other applications. • Ex: Docker, LXC, Kubernetes, FreeBSD Jails etc..
  • 29. Docker 29 • Provide a uniformed wrapper around a software package • Build, Ship and Run Any App, Anywhere • Virtualization of application instead of hardware • Runs on top of the core OS (Linux or Windows) • Doesn’t require dedicated CPU, Memory, Network —managed by core OS • Similar to shipping containers: The container is always the same, regardless of the contents and thus fits on all trucks, cranes, ships • Docker • Containerization platform that packages your application and all its dependencies together in the form of a docker container to ensure that your application works seamlessly in any environment • Docker Container • Standardized unit which can be created on the fly to deploy a particular application or environment  Docker Engine • Docker application that is installed on your host machine. It works like a client-server application which uses [www.docker.com]
  • 30. Docker 30 • Docker Image • Template which is used to create Docker Containers. They are the building blocks of a Docker Container • Docker Registry • Docker Images are stored. The Registry can be either a user’s local repository or a public repository like a Docker Hub • Docker Architecture  Docker client - trigger Docker commands,  Docker Host – running the Docker Daemon  Docker Registry – storing Docker Images.  The Docker Daemon running within Docker Host is responsible for the images and containers
  • 31. Docker Vs VM 31  Virtual Machines are slow and take a lot of time to boot.  Containers are fast and boots quickly as it uses host operating system and shares the relevant libraries.  Containers do not waste or block host resources unlike virtual machines.  Containers have isolated libraries and binaries specific to the application they are running.  Containers are handled by Containerization engine.  Docker is one of the containerization platforms which can be used to create and run containers  Consistent runtime environment, Application sandboxing, low overhead, occupies less disk size and resource saving
  • 32. Summary 32  Virtualization – System and Process  VMM or Hypervisor  Guest OS and Host OS  API,ABI and ISA  Trap and Emulate, Binary Translation, Full, Paravirtualization  Docker Container