Hypervisor architecture
History of virtualization at Microsoft
Everything began in February 2003 when Microsoft acquired a company that was already on the market since 1988 called Connectix. This company had a solution that could virtualize operating systems. For those who didn't know was surprising, because it was possible to do multiple tests of the functionality of the operating system (OS), but a virtual form within an existing OS. What is interesting is that virtualization technology is not new. True virtual environments, already existed in large Main Frames of the 1960s that could simulate a virtual environment, several virtual machines as the IBM model I44. In September 2004 Microsoft released Virtual Server 2005, a server with support for virtual machines (VM), but this had some hardware limitations, virtual systems could use only one processor x86 and maximum 3.6 GB of memory per VM. Running in parallel with these solutions virtual Intel and AMD launched its processors with hardware virtualization support, baptized of Intel-VT and AMD-V. Virtual Server 2005 R2 SP1 was launched and has already provided support to the new processor technologies, providing better performance, however all hardware call was sent from VMs to the virtual machine monitor (VMM), it forwarded these calls to the host operating system and then to the Windows kernel. Only after that the VM Hardware being accessed in this way, a processor switching between physical and virtual machine. It was for this reason that the Virtual Server 2005 does not used 100% of the power provided by the hardware virtualization from Intel and AMD.
In Windows 2008 Microsoft released Hyper-V and the Hyper-V Server. The latter would be a free version of the operating system only with Hyper-V role enabled. Hyper-v supports x86 and x64 VM, and 64 GB of memory and up to 4 processors per virtual machine, using the entire capacity hardware virtualization. In the table below is apparent difference between solutions:
Table 1 – differences between virtual server, hyper-v and hyper-v Server
Compared to its predecessor Virtual Server 2005, the Hyper-V differential associated with hardware virtualization are VMs with more memory and processor support, so the speed and security.
Virtual Machine Monitor (VMM)
To explain in a way more advanced and technical difference between virtualization types used by the virtual server and hyper-v, is important to understand a little of the VMM.
It is responsible for the creation, preservation, access to system resources and VM management. There are three types of implementation: VMM type 2 hybrid VMM and VMM type 1.
VMM type 2 VMM hybrid VMM type 1
Figure 1 – types of VMM
VMM type 2 runs above the host operating system. The hybrid type runs parallel to the host system, type this used by Virtual Server 2005 R2, which has used the technology of AMD-V and Intel-VT, but without the hypervisor. The third, type 1, is a Hypervisor-based solution, used by the hyper-v, providing performance and with a series of components for communication of VMs to hardware.
Structure of Hypervisor
Windows Server 2008 with Hyper-v provides a structure for the Hypervisor-based virtualization of type 1 (VMM), I believe that this should not be news to anyone since it is normal to read or hear this in almost every place where the subject is Microsoft Virtualization. When you install Windows Server 2008 the Hyper-V is not installed automatically. The OS without Hyper-v has direct access to hardware and Hypervisor structure does not exist, as Figure 2.
After operating system installation you need to add the function of hyper-v in Server Manager (this function is only available in Windows Server 2008 x 64).
Figure 2 – Windows 2008 without Hyper-V
After installation of Hyper-V and rebooting the machine, OS suffers several amendments. The file responsible for Windows boot (Winload.exe) loads the driver hvboot.sys. This driver checks which processor is running, and whether it supports virtualization. After this process is loaded the hypervisor image file (Hvix64.exe for Intel-VT or Hvax64.exe to AMD -V). Only after this the system boots, thereby creating a single standard called Parent Partition, where you made the first virtualization and it runs Windows 2008. Sounds strange, but is that the operating system that you raise after the hyper-v virtual also was installed. The virtual machines that are added after the hyper-v are created in partitions call Child Partitions. Is the Hypervisor that manages these partitions and control access them to hardware.
Hardware virtualization
Another interesting approach is subject to hardware virtualization. Without this there are only 4 specific hardware of rings, called Rings processor, which define the level of access privilege to the processor. The privilege is the ring 0, used by the Windows kernel and Ring 3 is typically used in user level, amounting to a total of 4: ring 0, 1, 2 and 3.
When installing the hyper-v is created a ring that runs on a privileged mode called privileged or ring -1. This ring causes the hypervisor rode in a greater privilege that the Windows kernel allowing any operating system continue to be used for ring 0 and users application running in ring 3. In Figure 2 you can analyze Parent and Child partitions, in addition to processing rings.
Figure 3 – Hypervisor, Rings and partitions
Virtualization Stack
All creation and management of virtual machines of hyper-v are made by a series of virtual devices and software components that work together called Virtualization Stack used in both the Parent and Child partition. Some of them are: Virtualization Service Provider (VSP), Virtualization Service Client (VSC) Virtualization Infrastructure driver (VID) and virtual machine bus (VMBus). This series of software and components work with Hyper-v management in conjunction with the hypervisor. The VSP is a software component that is in the Parent partition and that controls I/O requests on behalf of the virtual machines. Already the VMBus is responsible for data transfer and delivery of services between Parent and Child partitions for a dedicated channel available between the VSCs and VSPs. The VSC uses the VMBus for the communication of the VSP partitions Child up to the functioning of synthetic drivers that run on the Child partitions.
The VID uses some APIs for communication between the Parent partition to the Hypervisor. The access and the instructions of the Parent partition APIs to Hypervisor are called Hypercalls. The VID is applied in two levels: kernel-level with the file VID.sys in ring 0 and User level by VID.ll file in Ring 3.
No comments:
Post a Comment