Virtualization Concepts and Cloud Computing

Questions and Answers

What is a characteristic of second-generation virtualization?

• Enables substantial memory sharing between VMs (correct)
• Is fully hardware-based without software components
• Requires no awareness from the operating system
• Is dependent on third-party virtualization solutions

Which of the following must the OS vendor provide for paravirtualization to function effectively?

• A paravirtualization-enabled version (correct)
• An unmodified version of the operating system
• A complete hardware solution
• A separate hypervisor

What is a primary disadvantage of paravirtualization?

• Requires the use of virtualization software
• Eliminates the need for inter-VM communications
• High performance without OS modifications
• Necessitates a modified guest operating system (correct)

In the context of virtualization, what do Microsoft Windows enlightenments refer to?

Partial paravirtualization through drivers (B)

What is one benefit of OS awareness of virtualization in second-generation systems?

Enhanced collaboration for VM management (A)

What is the primary benefit of virtualization in cloud computing?

Decoupled management of virtual servers from physical machines (D)

Which of the following describes the concept of paravirtualization?

Modification of the guest operating system to communicate directly with the hypervisor (C)

Which characteristic is NOT associated with IaaS platforms in cloud computing?

Providing dedicated physical servers only (D)

What impact does hardware support have on virtualization?

It enhances isolation between virtual machines (A)

Which advantage does virtualization provide specifically for cloud computing?

Ability to efficiently utilize a large set of virtual servers (D)

What is a primary characteristic of hypervisor-based rootkits?

They can achieve higher privilege levels than the kernel. (D)

Which of the following is a type of attack that exploits hypervisor security vulnerabilities?

Collocation attacks (A)

In desktop virtualization, which statement accurately describes the requirements?

The guest OS is run inside the user host OS. (D)

Which disk image format is commonly used for read/write operations?

.VHD (C)

What is the primary use of the Open Virtual Machine format (OVF/OVA)?

To define VM metadata and configurations. (C)

What is a limitation of most Virtual Machine Monitors (VMM) regarding VM operations?

Suspended VMs are generally not portable across different VMMs. (D)

Which type of virtualization software allows running multiple guest operating systems on a host OS?

Hypervisor (D)

Which virtualization software is considered commercial for desktop environments?

VMWare Fusion (D)

What is the range of hourly pricing for Amazon EC2 servers?

$0.113 to $6.82 (A)

What is the cost for data storage in Google Compute Engine?

$0.04 / GB / month (B)

Which service does not charge for incoming data?

Google Compute Engine (B)

What is the cost for outgoing data beyond the first 1 GB in Amazon EC2?

$0.09 down to $0.05 / GB (C)

What is the maximum cost for a virtual machine per hour in Rackspace open Cloud?

$5.44 (A)

What is the lowest storage cost for Google Compute Engine's backup option?

$0.125 / GB / month (A)

How much does Windows Azure charge for outgoing data after the first 5 GB?

$0.18 to $0.05 / GB (C)

What is the monthly storage cost range for files in Rackspace open Cloud?

$0.1 to $0.12 / GB (C)

What is the main function of the emulation layer in first-generation virtualization?

It translates instructions for the CPU and other hardware. (D)

Which statement accurately describes the guest operating system in first-generation virtualization?

It runs unaware that it is in an emulated environment. (C)

What is the primary method used in first-generation virtualization for translating CPU instructions?

Binary rewriting. (A)

What is an example of a tool used for first-generation virtualization by binary rewriting?

QEMU (D)

In the context of first-generation virtualization, what is the term 'full virtualization' referring to?

Complete emulation of all hardware as virtual devices. (B)

What is the primary purpose of OS-level virtualization?

To arbitrate between competing resource demands (B)

Which component is necessary for the efficient implementation of virtual memory?

Memory Management Unit (MMU) (B)

In the context of virtual CPUs, what process is necessary to manage thread execution?

Context save/restore mechanism (A)

What does each process in a virtual memory system believe regarding its address space?

It has its own isolated address space (A)

What does platform virtualization enable on a physical computer?

Multiple virtual computers to operate simultaneously (C)

Which of the following is NOT a benefit of hardware support in virtualization?

Direct memory access for all applications (B)

How does OS-level virtualization manage competing demands for I/O and memory resources?

Through policies established by the OS (D)

In a virtualized system, what does the virtualization layer do?

Allows multiple OS to run on a single physical machine (D)

Flashcards

What is the purpose of virtualization in cloud computing?

Virtualization in cloud computing allows managing a large set of virtual cloud servers (IaaS, PaaS, and SaaS) separately from the physical machines that support them.

What is the key concept of virtualization?

Virtualization hides the physical hardware from applications and users, presenting a virtualized environment.

What is paravirtualization?

Paravirtualization is a type of virtualization where the guest operating system is modified to work directly with the hypervisor, improving performance compared to full virtualization.

What is hardware virtualization?

Hardware virtualization is a technique where the physical hardware is modified to support virtualization, improving performance and security.

What are the advantages and disadvantages of virtualization?

Virtualization offers cost efficiency, flexibility, isolation, and dependability, but it also raises performance concerns.

What is first-generation virtualization?

A virtualization approach where the host OS emulates all the hardware, including the CPU, for the virtual machine. This is achieved through binary rewriting, which translates the instructions of the guest OS to work on the emulated hardware.

What is an emulation layer?

A layer of software within the host OS that simulates the hardware for the virtual machines. This is a key component of first-generation virtualization.

What is binary rewriting?

A technique used in first-generation virtualization to change the instructions of the guest OS so it can run on the emulated hardware. This process is done at the binary level, which is the lowest level of computer code.

How does the guest OS work in first-generation virtualization?

A guest OS is not aware that it is running in an emulated environment, due to the effective imitation of the hardware by the emulation layer.

What is QEMU?

A well-known open-source software that exemplifies first-generation virtualization through binary rewriting. It offers various features for emulation and virtualization.

OS-level virtualization

The technique of creating a virtual representation of resources like CPU, memory, and I/O devices, allowing multiple processes or applications to share these resources.

Virtual memory

A form of OS-level virtualization where each process is given its own address space, and a translation mechanism maps virtual addresses to physical memory addresses.

Virtual CPU

A fundamental component of OS-level virtualization that allows multiple processes or threads to share a single CPU, switching between them rapidly to create the illusion of dedicated time on the CPU.

Platform virtualization

A technique where a single physical machine is partitioned into multiple virtual machines (VMs), each with its own operating system and applications, effectively creating a virtualized hardware platform.

Virtualization layer

A software layer that sits between the underlying hardware and the virtual machines, managing access and allocation of shared resources.

Isolation

The act of preventing one process from interfering with or accessing the resources of another process, ensuring isolation between virtual machines and their applications.

Scheduling

The process of deciding which process or thread gets access to the CPU at any given time, taking into account factors like priority and resource needs.

Context switching

The act of saving the state of a process or thread when it is suspended and then restoring it when it's resumed, ensuring a seamless transition between processes.

What is required for paravirtualization?

Paravirtualization requires modifications to the guest OS to enable it to interact with the hypervisor directly.

What is the guest OS's awareness in paravirtualization?

In paravirtualization, the guest OS is aware of the virtualized environment, allowing for interactions between VMs (e.g., memory sharing).

How can paravirtualization be implemented partially?

Drivers in the guest OS can be modified to partially enable paravirtualization, allowing for performance improvements even without full OS modifications.

What is a major benefit of paravirtualization?

Paravirtualization offers the advantage of improved performance compared to full virtualization due to the guest OS's direct communication with the hypervisor.

Hypervisor-based rootkit

A rootkit that takes advantage of hardware-assisted virtualization, gaining higher privileges than the kernel making it extremely difficult to detect.

Collocation attack

An attack that exploits security weaknesses within the hypervisor to access the data and state of other virtual machines.

Hardware-assisted virtualization

The ability of a virtual machine to run smoothly without relying on emulation, directly interacting with the hardware.

Desktop virtualization

Running guest operating systems within the user's host operating system, offering a lighter approach to virtualization compared to server virtualization.

Paravirtualization

A type of virtualization where the guest operating system is modified to work more efficiently with the hypervisor, improving performance.

VM image formats

Disk images used for virtual machines, commonly used in virtualization.

VM migration

The process of transferring a virtual machine from one host to another, either within a private or public cloud.

OVF/OVA

The standard file format for storing virtual machine information, often used in cloud environments.

What is Amazon EC2?

Amazon Web Services (AWS) provides server instances on demand, offering various instance types with different performance and pricing based on CPU, memory, and storage requirements.

What is Google Compute Engine?

Google Compute Engine allows creating virtual machines (VMs) that can be started, stopped, and scaled as needed, billing customers by the minute for usage.

What is Windows Azure?

Microsoft Azure provides virtual machine instances with various configurations and pricing based on the chosen instance type, offering flexibility and scalability.

What is Rackspace Open Cloud?

Rackspace Open Cloud offers virtual machines with adjustable configurations and a per-hour billing model, providing a scalable cloud computing solution.

How are storage costs structured in IaaS?

Storage costs in IaaS models vary based on the type (e.g., block storage, object storage), the storage provider, and the amount of data stored. Providers often offer discounts for larger storage volumes.

How are network costs structured in IaaS?

Network costs in IaaS typically involve charges for data transfer (both incoming and outgoing), measured in gigabytes (GB), and sometimes with free allowances for the first few GBs.

What factors influence network costs in IaaS?

IaaS providers typically offer varying network charges depending on location, bandwidth, and data transfer volume, with potential discounts for higher volume usage.

Are there any volume discounts in IaaS?

IaaS pricing models often offer discounts for higher usage volumes, encouraging large-scale adoption and providing cost savings for organizations with significant cloud workloads.

Study Notes

Course Objectives

• Understand machine virtualization and its relevance to cloud computing
• Explore paravirtualization, hardware support, and their impact on performance and security
• Describe features and services offered by IaaS platforms in public and private clouds
• Connect IaaS services to the functions and roles of a traditional operating system

Introduction

• Virtualization abstracts resources from physical resources presented to users and applications.
• Cloud computing enables decoupled management of virtual cloud servers (IaaS, PaaS, SaaS) and the physical machines supporting them.
• Key advantages include cost-efficiency, flexibility (unified OS/app management), isolation, dependability, and performance improvements.

Outline

• Basics of OS-level virtualization
• Principles of platform virtualization
• Requirements for cloud computing
• Virtualization implementation (OS support, hardware support, performance, and portability)
• Desktop virtualization

Basics: OS-Level Virtualization

• A single operating system (OS) supports multiple processes and applications.
• Processes cannot freely access system resources.
• Virtualization is needed to manage resource allocation among processes.
• OS implements policies for resource arbitration.

Example 1: Virtual Memory

• Each process has its own address space, isolating it from others.
• The OS maps virtual addresses to physical addresses(memory).
• Built-in hardware support (e.g., MMU, TLB) is essential for efficient implementation.

Example 2: Virtual CPU

• Each thread assumes it handles CPU operations.
• Context switching is crucial to manage and schedule threads.
• Hardware support (e.g., process-aware TLB) enhances virtual CPU functionality.

Platform Virtualization

• A single physical computer can support multiple virtual computers sharing resources between multiple operating systems and applications.

A Key Enabling Technology for Cloud Computing

• Virtualized servers outnumber non-virtualized ones (2014 data).
• Advantages for users include resource abstraction, isolation, pay-as-you-go deployments, and instance migration.
• Advantages for cloud operators include reduced operational costs, larger efficient server capabilities, and increased operational flexibility (migration, consolidation, etc.).
• Disadvantages may include costs associated with multiple OS versions, and performance penalties.

Virtualization Implementation

• Modern OS isolation depends on multiple instruction modes.
• Non-privileged instructions, like mathematical operations, typically operate without interruption,.
• Privileged instructions require kernel-level access, typically for critical operations like process termination

Virtualization Requirements

• CPU instructions are classified as privileged or sensitive instructions, affecting virtual machine management.
• Required properties include equivalence (same output as raw hardware), resource control, and efficiency.
• Effective virtual machine management (VMM) construction can be achieved when sensitive instructions are a subset of privileged instructions,.

x86 and Virtualization

• Initially (around 2010 when cloud computing gained interest), x86 architecture for desktops and servers and used 32 bits.
• Commercial interest in virtualization was significant.
• However, original x86 32 bits architecture was not designed with virtualization in mind .
• More complex x86-32 architectures include a large number of sensitive instructions.
• Modern processors directly support virtualization with hardware-assisted virtualization.

Server Virtualization Approaches

• Three generations of server virtualization exist
• First generation: Binary Rewriting (software-based full virtualization).
• Second generation: Paravirtualization (software-based collaborative virtualization).
• Third generation: Hardware-assisted full virtualization (hybrid approach combining software and hardware).

First Generation Virtualization

• An emulation layer exists in the host operational system, enabling the emulation of all hardware components including the CPU.
• Binary rewriting translates instructions on the fly.
• The guest OS is unaware it is running on an emulated environment .
• Tools, like QEMU, support this type of virtualization.

First Generation Virtualization (Advantages and Disadvantages)

• Significant advantages include good VM isolation, precise VM resource control, and total transferability.
• However, significant disadvantages are significant performance penalties.
• VMs cannot use hardware instructions directly and require emulation.

Second Generation Virtualization (Paravirtualization)

• The guest OS is modified so it does not need to use privileged instructions itself.
• It correctly interfaces with the hypervisor to handle privileged operations.
• Paravirtualization dramatically improves performance.

Second Generation Virtualization (Advantages & Disadvantages)

• Optimized performance.
• Requires modified OS, which is a limitation.

Third Generation Virtualization

• Hardware support exists for virtualization.
• Guests can use privileged instructions without intervention from the hypervisor, resulting in high performance.
• However, it is important for OS to recognize virtualization.

Some Common Virtualization Solutions

• VirtualBox (full and hybrid virtualization with hardware support)
• KVM (full and hybrid virtualization with hardware support, utilizing virtio for I/O device drivers)
• VMware (full range of virtualization types).

Virtualization and Security

• Hypervisor-based rootkits can exploit vulnerabilities in a non-virtual system and exploit hardware-assisted virtualization.
• Collocation attacks leverage security flaws in the hypervisor

Desktop Virtualization

• Run a guest operating system within the host operating system.
• Less stringent performance requirements.
• Often use paravirtualization to efficiently share resources like network cards and other devices.

VM Images and Operations

• Disk images (read/write and read-only) are used for VMs.
• Common formats include VHD, VDI, QCOW2, and ISO.
• VM imports/exports use OVF, OVA, and AMI formats..
• VMs can be migrated between environments.

Part II - IaaS Management

• IaaS is a model for renting cloud infrastructure resources.
• IaaS allows users to manage their own operating systems and environments.

Key Players in the Public Cloud IaaS Market

• Amazon Web Services
• Microsoft Azure
• HP
• Google Compute Engine
• Rackspace Open Cloud
• IBM SmartCloud

Public Cloud IaaS Operations

• Dynamically allocate resources like VMs.
• Deploying a VM image to a host from an image.
• Migrate a VM between hosts, modifying required resource amounts dynamically.
• Manage access keys (e.g., SSH).

Defining Needs: Instances

• Users configure VMs' computational capacity (VCPU, memory) and storage types (remote or dedicated).
• Example configuration from Rackspace includes General purpose, Compute optimized, I/O optimized, and Memory optimized.

Typical laaS Pricing

• Pricing varies by provider and instance type.
• Factors like storage, network bandwidth, operating system type, and location can affect pricing.

Spot Instances Mechanics

• Best-effort instances with low cost.
• Used by IaaS providers to maximize infrastructure utilization and offer competitive pricing on unused machines.
• Pricing is based on a bidding/offering mechanism.
• The market adapts to the current demand

Example of Use

• Resizing photos and complex tasks like video encoding are typically more expensive if used on general and regular VMs due to ongoing use of infrastructure.
• Utilization of a cloud environment is beneficial when these type of applications require significant computation capacity.

Bitmovin Example

• Re-encoding HD video requires high processing power.
• Utilizing spot instances reduces costs.

laaS Management: The "Cloud Operating Systems"

• Cloud operating systems manage the fleet of hosts, virtual machines, and resources.
• Operations such as allocation, monitoring (usage, faults), and billing are performed by a IaaS management system.

An Operating System Analogy

• laaS management platforms are analogous to operating systems, managing resources and handling VM(s) instead of processes and applications, and managing inter-VM networking.

Direct Infrastructure Access

• Direct infrastructure access allows users to access and interact with infrastructure without mediation via hypervisor.

laaS Management Platform

• laaS platforms manage the host(s), monitor resources, allocate resources to VMs.
• A command line or web interface is typically used for management.

Advantages of Using an laaS Management System

• Unified management and control is possible allowing centralized management/control of numerous servers.
• Better resource allocation due to centralized control and monitoring allowing better utilization.
• Improved security due to enhanced authentication, and access control. Increased reusability if VM images are stored and deployable by multiple users across environments.

OpenStack

• Large open-source project.
• Driven by Rackspace and a large community of companies offering cloud-based solutions.
• Meeting the requirements of large scale public and private clouds with high scalability.

Conclusion

• Virtualization is crucial for economies of scale and efficiency in cloud computing, enabling easy management, allocation, and monitoring of IaaS resources.
• Public cloud IaaS offers on-demand renting of infrastructure (VMs, networks, and storage).
• Private and hybrid clouds similarly make use of operating systems software on physical hosts or on VMs, allowing management, authentication, and monitoring functionalities.

Description

Test your knowledge on the key concepts of virtualization and its impact on cloud computing. This quiz covers paravirtualization, hypervisor security, and the role of operating systems in virtualization. Enhance your understanding of how virtualization benefits cloud infrastructures.