HCIA-Cloud Computing V5.5 Training Material PDF
Uploaded by SucceedingLeaningTowerOfPisa3104
Summary
This document provides an introduction to cloud computing, including its basics, benefits, service models, and deployment methods. It also covers mainstream cloud computing vendors and representative technologies. It touches upon challenges to traditional IT infrastructure and how cloud computing can solve these challenges. The document is likely a training material for a cloud computing course.
Full Transcript
Cloud Computing Basics

Foreword
⚫ The IT sector is a fast-changing industry. Cloud computing has been developing rapidly in recent years and has become the foundation of a wide range of major applications. So, what is cloud computing all about? What are the service models for cloud computing? This course will provide a brief introduction to cloud computing.
Huawei Confidential

Objectives
⚫ On completion of this course, you will be able to:
▫ Describe what cloud computing is.
▫ Describe the benefits of cloud computing.
▫ List services and deployment modes for cloud computing.
▫ Understand mainstream cloud computing vendors and representative technologies.

Contents
1. IT Basics
   What Is IT?
   Challenges to Traditional IT
   IT Development Trend
2. About Cloud Computing
3. Mainstream Cloud Computing Vendors and Representative Technologies

IT All Around Us
⚫ "IT" is the common term for an entire spectrum of technologies for information processing, including software, hardware, communications, and related services.
[Figure: new business models enabled by IT: a car service company without any cars (taxis), a hotel without any rooms (hotels), an instant messaging service without a network (messaging and calls), and a shopping mall company without any physical stores (retail). New technologies and models are changing our lives.]
IT (information technology) around us is changing the way we live, for example, taxi-hailing software that enables online booking and dispatch of cabs, communications software that enables real-time voice calls over the Internet, and e-malls that provide an online shopping experience.
▫ Taxi hailing: Uber and DiDi
▫ Hotel: Airbnb
▫ Messaging and calls: WeChat and Viber
▫ Retail: Taobao and Amazon

Data Center-Based IT Architecture
[Figure: layered view of a data center-based IT architecture.]
▫ Services: consulting, system integration, IT outsourcing, technical support, and training.
▫ SaaS: industry applications (telecommunications, finance, e-Government...) and application software tools (collaborative, content, ERM/ERP, engineering, CRM...).
▫ PaaS: application development and deployment (big data analysis for data insight and data processing, data management, integrated and automatic deployment, application development tools, middleware, and database software).
▫ Cloud OS.
▫ IaaS: system software (operating systems, compute virtualization, storage virtualization, network virtualization, security, and storage software), hardware (servers, storage, network, and security), and facilities (power supply, cooling, and floor space).
Traditional IT infrastructure consists of common hardware and software components, including facilities, data centers, servers, network hardware, desktop computers, and enterprise application software solutions.

The Information Explosion Is Here
⚫ With the proliferation of mobile Internet in today's fully connected era, more devices are getting connected every day. The amount of data being processed has been growing exponentially, which has created unprecedented challenges to traditional ICT infrastructure.
[Figure: three device eras.]
▫ PCs: computers using the x86 architecture and running Windows/Linux.
▫ Mobile Internet: mobile phones using the Advanced RISC Machines (ARM) architecture and running Android/iOS.
▫ IoT: terminals built on x86/Arm/DSP/MIPS/FPGA/... and running IoT operating systems.
In the PC era, computers are connected to each other through servers. Now, in the mobile era, we can access the Internet through mobile phones. In the 5G era, all computers, mobile phones, and smart terminals are connected to each other, and we are in the era of the Internet of Everything (IoE). In the IoE era, the entire industry will compete for the ecosystem.
From the PC era to the mobile era, and then to the IoE era, the ecosystem changes fast at the beginning, then tends to become relatively stable, and rarely changes once it is stable. In the PC era, a large number of applications ran on Windows, Intel chips, and the x86 architecture. Then browsers came with the Internet. In the mobile era, applications run on iOS and Android systems that use the ARM architecture. The Internet has gone through two generations and is now ushering in the third generation, the Internet of Everything. Compared with the previous generation, the number of devices and the market scale of each generation increase greatly, presenting future opportunities. Like Intel and Microsoft in the PC era and ARM and Google in the mobile era, each Internet generation has leading enterprises that master the industry chain. In the future, those who have a good command of core chips and operating systems will dominate the industry.

Challenges to Traditional IT
⚫ As the Internet has grown, massive volumes of traffic, users, and data have been generated. The traditional IT architecture has been unable to meet the demands of fast-developing enterprises.
[Figure: challenges: slow service rollout, limited scalability, high TCO, latency caused by I/O bottlenecks, complex lifecycle management, and low reliability.]
The growing popularity of the Internet brings an influx of traffic, users, and data to enterprises. To keep up with rapidly developing businesses, enterprises need to continuously purchase traditional IT devices. Therefore, the disadvantages of traditional IT devices gradually emerge.
▫ Long procurement periods slow the rollout of new business systems.
▫ The centralized architecture has poor scalability and can only increase the processing performance of a single node.
▫ Traditional hardware devices are isolated from each other, and their reliability mainly depends on software.
▫ Devices and vendors are heterogeneous and hard to manage.
▫ The performance of a single device is limited.
▫ Low device utilization leads to high total cost of ownership (TCO).

Discussion
⚫ How can IT enterprises overcome these challenges?
▫ IT infrastructure transformation
▫ Resource integration and comprehensive utilization
▫ Business collaboration and continuous optimization
How do we solve these pain points? Think over the advantages of cloud computing that can solve these pain points, so you can have a better understanding of cloud computing.

Enterprises Are Migrating to the Cloud
[Figure: traditional IT architecture (each application with its own OS on dedicated hardware), virtualized architecture (applications and OSs on a virtualization layer), and cloud architecture (applications and OSs on a cloud OS).]
The traditional IT architecture consists of hardware and software, including infrastructure, data centers, servers, network hardware, desktop computers, and enterprise application software solutions. This architecture requires more power, physical space, and money and is often installed locally for enterprise or private use only. With virtualization technology, computer components can run in a virtual environment rather than the physical environment. Virtualization enables maximum utilization of the physical hardware and simplifies software reconfiguration. Enterprise data centers are transformed from resource silos to resource pooling, from centralized architecture to distributed architecture, from dedicated hardware to software-defined storage (SDS), from manual handling to self-service and automatic service, and from distributed statistics to unified metering. These are the key features of the cloud migration of enterprise data centers.
Cloud Computing Is Now the Preferred Choice for IT Enterprises
[Figure: three platforms.]
▫ First platform (from 1964): mainframe; thousands of applications and millions of users.
▫ Second platform (from 1981): local area network (LAN), Internet, and server; hundreds of thousands of applications and hundreds of millions of users.
▫ Third platform (from 2012): cloud, big data, mobile Internet, and IoT; millions of applications and billions of users.
In 2015, the third platform gained prominence over the second platform. The third platform accounts for one-third of global IT spending and 100% of IT spending growth. Cloud computing has changed the business and construction mode of the IT industry. Big data assists enterprises in exploring business benefits and promoting the construction of the second data plane.

Contents
1. IT Basics
2. About Cloud Computing
   A Timeline of Computer History
   A Timeline of Virtualization History
   Definition of Cloud Computing
   Development of Cloud Computing
   Features of Cloud Computing
   Cloud Computing Services and Deployment
3. Mainstream Cloud Computing Vendors and Representative Technologies

As we have learnt from the previous slides, the third platform built on cloud computing has become the mainstream of the IT industry. Computer and virtualization technologies are the foundation of the third platform. Before we get into cloud computing, let's take a quick look at the evolution of computer and virtualization technologies.

What Is a Computer?
⚫ A computer is a high-speed electronic device capable of performing numerical and logical calculations. It automatically stores and processes data according to a set of programming instructions given to it.
When it comes to computers, we immediately think of desktops, laptops, and servers. Actually, storage devices, network devices, and security devices in a data center are all computer devices.
A Timeline of Computer History
[Figure: timeline.]
▫ 1889: The first electromechanical tabulating machine.
▫ 1930: The first electronic analog computer.
▫ 1946: The Electronic Numerical Integrator and Computer.
▫ 1950: The first parallel computer.
▫ 1954: IBM's first transistorized computer.
▫ 1970: IBM separates hardware from software, defining the value of software.
▫ 1975: The first microcomputer.
▫ 1977: The first personal computer with color graphics.
▫ 1983: The first graphical user interface controlled by a mouse.
▫ 1998: Celeron processors with 128K L2 cache become popular among installers.
▫ 1999: 64 MB of RAM and a 6.4 GB hard disk become the standard configuration.
▫ Since 2001: DDR gradually replaces SDRAM, and hard disk capacity expands to 40 GB or more.
Computing tools progressed from simple to complex and from low level to high level, from knotting to the abacus and calipers, and then to mechanical computers. They played historical roles in different periods and also inspired the development of modern electronic computers. In 1889, American scientist Herman Hollerith developed an electromechanical tabulating machine for storing accounting data. In 1930, American scientist Vannevar Bush built the world's first analog computer with some digital components. In 1946, the U.S. military customized the world's first electronic computer, the Electronic Numerical Integrator and Computer. In 1950, the first parallel computer was invented, using the von Neumann architecture: binary format and stored programs. In 1954, IBM made the first transistorized computer, using floating-point arithmetic for improved computing capabilities. In 1970, IBM announced System/370. It replaces magnetic core storage with large-scale integrated circuits, uses small-scale integrated circuits as logical components, and applies virtual memory technology to separate hardware from software, thereby defining the value of software. In 1975, MITS developed the world's first microcomputer. In 1977, the first personal computer with color graphics was invented. In 1998, Celeron processors with 128K L2 cache became popular among installers, and 64MB of RAM and 15-inch displays became standard configurations. In 1999, Pentium III CPUs became a selling point for some computer manufacturers. The 64MB of RAM and 6.4GB hard disk became standard configurations. Since 2001, Pentium 4 CPUs and Pentium 4 Celeron CPUs have been the standard configurations for computers. DDR has gradually replaced SDRAM as the common type of memory. In addition, 17-inch CRT or 15-inch LCD displays have been the preferred choice for customers. The capacity of hard disks has gradually expanded to 40GB or more.

What Is Virtualization?
⚫ Virtualization is the act of creating a virtual version of something, a logical representation of resources.
[Figure: three stages. Left: applications on Windows, Ubuntu, and Redhat, each OS on its own physical hardware. Middle: applications on Win10, Ubuntu, and Redhat, each OS on its own virtualization layer. Right: applications on Win10, Ubuntu, and Redhat sharing one virtualization layer with resource pooling.]
⚫ IT resources are independent.
⚫ The operating system (OS) is tightly coupled to the physical hardware.
⚫ Resources are virtualized and placed in a shared resource pool.
⚫ Resources are decoupled from the physical hardware, so the OS can allocate resources more flexibly.
Virtualization is the fundamental technology that powers cloud computing. Simply speaking, virtualization allows multiple virtual machines (VMs) to run on a physical server. The VMs share the CPU, memory, and I/O hardware resources on the physical server, but they are logically isolated from each other.
In computer science, virtualization creates an abstraction layer over computer hardware for resource simulation, isolation, and sharing by one or multiple operating systems. In essence, virtualization is a process in which a lower-layer software module provides a virtual software or hardware interface that is completely consistent with what an upper-layer software module requires, so that the upper-layer software module can run directly in the virtual environment. Virtualization abstracts a resource into one or more parts by means of space division, time division, and simulation. Virtualization creates an isolation layer to separate hardware from upper-layer applications so that multiple logical applications can run on one piece of hardware.

A Timeline of Virtualization History
[Figure: timeline.]
▫ 1964: IBM began to explore virtualization on mainframes.
▫ 1972: IBM launched VMs running on mainframes.
▫ 1999: VMware launched x86-based virtualization products.
▫ 2002: Xen was officially open sourced.
▫ 2006: Qumranet first announced KVM.
▫ 2007: HP launched HP-UX Integrity VMs.
▫ 2008: Microsoft added Hyper-V in Windows Server 2008 R2.
▫ 2008: Linux Container LXC was launched.
▫ 2008: By default, RHEL 6.0 supported KVM as the only virtualization option.
▫ 2011: IBM, Red Hat, HP, and Intel formed the Open Virtualization Alliance to accelerate KVM adoption.
▫ 2013: Docker was launched.
▫ 2014: Rocket was launched.
In 1964, "Big Blue" IBM began experimenting with virtualization on mainframes. In 1972, IBM officially named the System/370 time-sharing system a virtual machine. In 1999, VMware introduced the first virtualization product to run on the x86 architecture. In 2002, Xen was officially open sourced, and versions 1.0 and 2.0 were released. After that, Xen began to be integrated as a virtualization solution with Linux distributions such as Red Hat, Novell, and Sun. In 2004, Intel engineers began adding hardware virtualization support to Xen to prepare the necessary software for the upcoming new processors. Thanks to their efforts, Xen 3.0, released in 2005, officially supports Intel's VT technology and the IA64 architecture. Therefore, Xen VMs can run operating systems without modification. In October 2006, Qumranet officially announced the birth of KVM after completing the optimization of basic functions, live migration, and major functions and performance. In October of the same year, the source code of the KVM module was officially incorporated into the Linux kernel as a part of the kernel source code. Between 2006 and 2010, traditional IT vendors launched their own virtualization products. In 2007, HP introduced Integrity virtual machines and Microsoft added Hyper-V to Windows Server 2008 R2. In November 2010, Red Hat introduced RHEL 6, a new enterprise edition of Linux, which integrates the latest KVM virtual machines and replaces the Xen integrated in the RHEL 5.x series. In 2011, IBM, Red Hat, HP, and Intel established the Open Virtualization Alliance to accelerate KVM promotion. In 2013, the Docker container project was launched. Docker introduces a complete ecosystem related to container management. This includes an efficient hierarchical container image model, a set of global and local container registries, a simplified REST API, a command-line interface, and more. Docker has also built a container cluster management solution called Docker Swarm. Launched in 2014, Rocket was originally developed by CoreOS to address some of the flaws in Docker. CoreOS aims to surpass Docker in its ability to meet security and production requirements. Rocket builds on the App Container specification and makes it a more open standard.

Definition of Cloud Computing
⚫ The National Institute of Standards and Technology (NIST) defines cloud computing as follows: Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or interaction with service providers.
⚫ Wikipedia: Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user.
Key points:
▫ Cloud computing is a model rather than a technology.
▫ With cloud computing, users can access IT resources such as networks, servers, storage, applications, and services easily.
▫ Simply put, the cloud is a metaphor for the Internet. It is an abstraction of the Internet and the infrastructure underpinning the Internet. Computing refers to computing services provided by a sufficiently powerful computer, including a range of functionalities, resources, and storage. Cloud computing can be understood as the delivery of on-demand, metered computing services over the Internet.

Cloud Services and Applications All Around Us (Personal)
What other cloud services and applications are part of our lives?
[Figure: cloud albums, cloud music, cloud video, and cloud docs.]
What are the data sources of cloud computing in daily life?
▫ Cloud albums, such as Baidu Cloud and iCloud Shared Album
▫ Cloud music, such as NetEase Cloud Music, Kugou Music, Kuwo Music, and Xiami Music
▫ Cloud video, such as Baidu Cloud and Tencent Cloud Video
▫ Cloud documents, such as Youdao Note and Shimo Document
From the applications we use in our lives, we can see that cloud computing makes our lives more convenient.
Enterprises also use cloud computing to provide better products for a better user experience.

Cloud Services and Applications All Around Us (Enterprise)
⚫ Huawei Cloud Meeting provides an all-scenario, device-cloud synergy videoconferencing solution for intelligent communication and collaboration on different terminals, in different regions, and with collaborators in other companies.
[Figure: videoconferencing and livestreaming.]
Driven by the requirements of the government, transportation, electric power, medical care, education, finance, and military industries and enterprises, the video conferencing market in China has an average annual growth beyond 20%. Currently, less than 5% of enterprises in China have video conference rooms, and more enterprises are becoming aware of the importance of efficient collaboration. Therefore, the video conferencing system has become indispensable for efficient office work. Huawei Cloud Meeting can be used for enterprise office work, telemedicine, smart education, and enterprise organization construction.

Development of Cloud Computing
[Figure: three phases.]
▫ Cloud Computing 1.0: computing virtualization (VMware, Hyper-V, Xen, KVM, VMware ESX); virtualization; higher resource utilization.
▫ Cloud Computing 2.0: software-defined, integration (OpenStack, AWS); cloud-based infrastructure; standardization and automation of resource services.
▫ Cloud Computing 3.0: cloud native, app redesign (Docker, CoreOS, Cloud Foundry); cloud-native applications; agile application development and lifecycle management.
With the rapid development and breakthrough of cloud computing technologies in various industries, the application and value exploration of cloud computing have penetrated all aspects of enterprise IT informatization and telecom network transformation. Industries and enterprises continue to deepen the degree of enterprise IT cloudification based on their business status, competitive landscape, and informatization transformation, and move from one milestone to the next. Since the birth of the cloud computing concept, the enterprise IT architecture has evolved from the traditional non-cloud architecture to the target cloud-based architecture. The evolution can be summarized as follows:
▫ Cloud Computing 1.0: the IT infrastructure resource virtualization phase, for data center administrators.
▫ Cloud Computing 2.0: provides resource servitization and management automation for infrastructure cloud tenants and users.
▫ Cloud Computing 3.0: a distributed, microservice-based enterprise application architecture, Internet-based reconstruction of the enterprise data architecture, and a big data intelligence phase for enterprise IT application developers and management and maintenance staff.
Features of Cloud Computing
[Figure: five features: on-demand self-service, widespread network access, resource pooling, quick deployment and auto scaling, and metered services.]
Cloud computing integrates hardware resources in software mode and then allocates them to applications for improved resource utilization. Cloud computing helps you run your infrastructure more efficiently and scale as your business needs change. You can build a cloud data center and use automatic scheduling technology for more unified data storage. In this way, you can use data assets more effectively to save energy, reduce emissions, and make maintenance easier. It helps you lower costs and improve efficiency. Five main features:
▫ On-demand self-service: Consumers can deploy processing capabilities on demand, such as server running time and network storage, and do not need to communicate with each service provider.
▫ Widespread network access: Users can access various services over the Internet via different clients, such as mobile phones, laptops, and tablets.
▫ Resource pooling: The computing resources are pooled and provisioned in a multi-tenant model. In addition, physical and virtual resources are dynamically assigned based on user demand. Users do not need to know or control the exact location of resources, including storage, processors, memory, network bandwidth, and virtual machines (VMs).
▫ Quick deployment and auto scaling: Computing resources can be rapidly and elastically provisioned, expanded, and released. A user can rent unlimited resources at any time.
▫ Metered services: Users pay per use of cloud server resources, such as CPU, memory, storage, and network bandwidth. You can pay by the hour, or you can buy a yearly or monthly package.

Service Models for Cloud Computing
[Figure: who operates each layer under each service model. The layers are grouped into software, platform, and infrastructure.]
Layer                 Traditional   IaaS                    PaaS                    SaaS
Applications          In-house      In-house                In-house                Cloud service provider
Data                  In-house      In-house                In-house                Cloud service provider
Runtime environment   In-house      In-house                Cloud service provider  Cloud service provider
Middleware            In-house      In-house                Cloud service provider  Cloud service provider
OS                    In-house      In-house                Cloud service provider  Cloud service provider
Virtualization        In-house      Cloud service provider  Cloud service provider  Cloud service provider
Compute resources     In-house      Cloud service provider  Cloud service provider  Cloud service provider
Storage resources     In-house      Cloud service provider  Cloud service provider  Cloud service provider
Network resources     In-house      Cloud service provider  Cloud service provider  Cloud service provider
Infrastructure as a Service (IaaS): The cloud platform provides infrastructure (such as servers, storage devices, networks, and virtual resources) and maintains the related resources. Users only need to focus on systems and applications. Generally, cloud service providers do not provide operating systems for users in IaaS. However, if a user applies for an ECS on the cloud computing platform, the user cannot directly use the ECS without an operating system. Therefore, in actual scenarios, the operating system is provided bundled with the IaaS, and the demarcation point between the self-operated part and the cloud service provider part in the IaaS diagram is the operating system.
Platform as a Service (PaaS): The cloud platform provides infrastructure (such as servers, storage devices, networks, and virtual resources) and the application deployment environment (such as the operating system, middleware, and software running environment) and maintains the related resources. Users only need to focus on applications and data.
Software as a Service (SaaS): The cloud platform provides all resources, services, and maintenance. Users only need to use the applications.
Compared with the conventional IT mode of procuring the entire process and all devices, the cloud service-oriented mode provides IT devices as services that customers select on demand, which has more advantages in flexibility and low cost.

Deployment Models for Cloud Computing
[Figure: the public cloud sits outside the enterprise firewall, the private cloud inside it, and the hybrid cloud spans both.]
▫ Private cloud: The cloud infrastructure is owned and managed for exclusive use by a single organization.
▫ Public cloud: The cloud infrastructure is owned and managed by a third-party cloud service provider and shared with multiple organizations over the Internet.
▫ Hybrid cloud: This is a combination of public and private clouds viewed from the outside as a single cloud.

Vendors and Representative Technologies
▫ HUAWEI CLOUD is a one-stop cloud service platform launched by Huawei. It provides a wide range of cloud computing products and solutions. It aims to become a world-leading cloud computing service provider and help customers achieve digital transformation and business success. Representative technologies include Elastic Computing Service (ECS), Object Storage Service (OBS), Elastic Volume Service (EVS), Cloud Container Engine (CCE), etc.
▫ AWS is Amazon's cloud computing platform service. AWS provides users with a complete set of cloud computing services, including Amazon elastic computing, storage, databases, and applications, helping enterprises reduce IT investment and maintenance costs. Representative technologies include EC2, S3, RDS, etc.
▫ Azure is Microsoft's cloud computing platform. It provides various cloud services, including computing, storage, database, and artificial intelligence. Representative technologies include virtual machines, Azure Blob storage, Azure SQL Database, etc.
▫ Google Cloud provides comprehensive cloud computing services, including computing, storage, database, and artificial intelligence. Representative technologies include Google Compute Engine, Google Cloud Storage, etc.
▫ IBM Cloud provides a variety of cloud computing services, including computing, storage, databases, and artificial intelligence. Representative technologies include IBM Cloud Virtual Servers, IBM Cloud Object Storage, etc.
▫ Alibaba Cloud is the cloud computing platform of Alibaba Group. It provides comprehensive cloud services, including computing, storage, database, and artificial intelligence. Representative technologies include Elastic Compute Service, Object Storage Service, etc.
▫ VMware Cloud Foundation is a full-stack cloud infrastructure platform that provides a solution for quickly deploying and managing private, public, and edge clouds. Representative technologies include VMware vSphere, VMware NSX, VMware vSAN, VMware Workstation, etc.
VMware vSphere: VMware's core virtualization platform. VMware NSX: VMware's network virtualization and security platform. VMware vSAN: VMware's hyper-converged infrastructure (HCI) solution. VMware Workstation: desktop virtualization software for personal computers.
HUAWEI CLOUD Everything as a Service
[Figure: customer statistics: 800+ e-Government cloud customers; 300+ financial cloudification customers; 90% of the top 30 Chinese automakers; 90% of the top 50 Chinese e-commerce companies; 85% of the top 50 Chinese game enterprises; 75% of the top 50 Chinese audio and video enterprises; 300+ SAP customers; 120+ carriers.]
▫ Technology as a Service: Put innovation at their fingertips and enable industry modernization.
▫ Experience as a Service: Replicate excellent products and accelerate application cloudification.
▫ Infrastructure as a Service: Build a single network for global storage and computing, enabling services to be accessible globally.
[Figure: 240+ cloud services; 4+ million developers; 10,000+; 41000+ partners.]
In 2017, Huawei officially launched the HUAWEI CLOUD brand, which opens Huawei's 30 years of technology accumulation and product solutions in the ICT field to customers. Through infrastructure as a service, technology as a service, and experience as a service, we realize "everything as a service" and provide stable, reliable, secure, and sustainable cloud services for customers, partners, and developers. Over the past few years, HUAWEI CLOUD has adhered to technological innovation to lead industry development, strengthened software, and met customers' diversified service requirements through system and architecture innovation. It has proposed leading technical concepts and best practices such as cloud native 2.0, distributed cloud, and application modernization. In addition, Huawei strives to become a trusted cloud. HUAWEI CLOUD is based on Huawei and understands enterprises better. It provides neutral, secure, and reliable cloud services, and works with partners to create win-win sharing and intelligent upgrades.
Official website: https://www.huaweicloud.com/intl/en-us/

240+ HUAWEI CLOUD Services (representative services by category, as listed on the slide):
Compute: ECS, BMS, AS
Business application: BCS, SMN, APIG
Software development: CodeCheck, TestMan, CloudIDE
Networking: VPC, ELB, EIP
Storage: EVS, SFS, OBS
Containers: CCE, CCI, FunctionStage
Enterprise intelligence: MLS, DLS, MRS
Security: WAF, DEW, HSS
Media: LSA, Live, MPC
Management and governance: CES, CTS, IAM
Meetings: Huawei Cloud Meeting, webinars, API/SDK
Databases: RDS, DDS, DRS
Distributed: IEF, IES
Hybrid cloud: Dedicated Region, HUAWEI CLOUD Stack
Internet of Things: IoT Device Management

HUAWEI CLOUD has continuously innovated and upgraded its full-stack cloud native technical capabilities. HUAWEI CLOUD has launched 240+ cloud services and 78,000+ APIs, aggregated more than 4,000 global partners, developed more than 4 million developers, and released more than 10,000 applications in the cloud market.

HUAWEI CLOUD Stack: Continuous Innovation in Local Deployment, Building a Cloud from the Perspective of Users

[Slide figure: the ManageOne cloud management platform delivers "one cloud" tailored for enterprise needs on top of HUAWEI CLOUD services, HUAWEI CLOUD Stack, and HUAWEI CLOUD Edge, with consistent experience, unified APIs, and a shared ecosystem. Four differentiators are shown: solid foundation (cloud-based infrastructure), intelligent data (AI and data enablement; cross-domain collaboration driving real-time operations of enterprises), agile applications (faster application innovation), and professional services (numerous practices for fast and easy deployment and use of the cloud).]

HUAWEI CLOUD Stack is a full-stack cloud built by Huawei for governments and enterprises. It is derived from the full-stack service capabilities of Huawei public cloud. It meets users' compliance requirements through local deployment on the basis of unified APIs, unified experience, and unified ecosystem.
It uses ManageOne to implement one cloud from the perspective of users and strives to become a cloud that understands governments and enterprises better. HUAWEI CLOUD Stack and HUAWEI CLOUD share the same origin. HUAWEI CLOUD Stack has done a lot of standardization, lightweight, and engineering work, including automatic installation and deployment, upgrade, monitoring, and adaptation to southbound and northbound requirements. This places high requirements on the technical background and agile development of vendors. HUAWEI CLOUD Stack will keep a proper pace to bring the most advanced services to customers. HUAWEI CLOUD Stack provides differentiated capabilities in the following four aspects:
▫ Solid foundation: HUAWEI CLOUD Stack is the industry's only cloud with full-stack independent innovation capabilities. It implements end-to-end self-controllability from chips (Kunpeng + Ascend) to cloud platforms, operating systems (Euler OS), databases (GaussDB), and more. The ManageOne cloud management platform matches the government and enterprise governance architecture, helping customers achieve one cloud from the perspective of users.
▫ Intelligent data: In the intelligent data field, HUAWEI CLOUD FusionInsight provides a big data cloud product portfolio that integrates the data lake and data warehouse to accelerate data flow in the lake and provide customers with a sustainable big data platform.
▫ Agile applications: Through its own IT digital transformation, Huawei incubated the ROMA solution to help customers smoothly evolve their applications and innovate with cloud-native agility.
▫ Professional services: Huawei continuously accumulates professional service capabilities, including blueprint top-level design, planning and construction, and O&M. Based on Huawei's global one-stop service layout and expert system, Huawei eliminates customers' concerns about cloudification and enables users to smoothly build, migrate, and use clouds throughout the lifecycle, aiming to be the most trusted partner.
Huawei FusionCompute Virtualization Serves Globally, Stable and Reliable

[Slide figure: FusionCompute virtualization, Huawei's virtualization technology, underpins the Huawei R&D cloud, desktop cloud, NCE, HCI, the governments and enterprises cloud, hybrid cloud, and HUAWEI CLOUD.]

FusionCompute is the cornerstone of Huawei's global commercial solutions. Huawei built an internal R&D cloud to serve its global R&D centers and provision more than 1 million VMs. FusionCompute has served 12,000+ customers in 150+ countries and regions, and has provisioned more than 5 million VMs.

HCI: hyper-converged infrastructure. NCE: Network Cloud Engine.

FusionCompute is Huawei's core virtualization product. It is cloud operating system software that virtualizes hardware resources and centrally manages virtual resources, service resources, and user resources. FusionCompute is Huawei's earliest commercial cloud computing software. Its virtualization technology is proven and mature. In addition to the commercial solution FusionCompute, its virtualization technologies also support cloud services of the entire company, including the R&D computing cloud, hyper-convergence, and desktop cloud. Up to now, Huawei FusionCompute has been deployed for more than 12,000 customers in 150+ countries and regions, and has provisioned more than 5 million VMs. The following HCIA courses will introduce the Huawei FusionCompute virtualization suite in detail.
Comparison Between FusionCompute, HUAWEI CLOUD Stack, and HUAWEI CLOUD

Definition: FusionCompute is a virtualization solution; HUAWEI CLOUD Stack is a hybrid cloud solution; HUAWEI CLOUD is a cloud computing service platform.
Sales targets: FusionCompute and HUAWEI CLOUD Stack are for enterprises; HUAWEI CLOUD is for enterprises or individuals.
Minimum deployment requirements: FusionCompute and HUAWEI CLOUD Stack require physical servers, network devices, and storage devices; HUAWEI CLOUD requires no hardware, only network access.
Initial investment: FusionCompute requires hardware devices to be purchased; HUAWEI CLOUD Stack is a subscription service; HUAWEI CLOUD requires no hardware and is pay-per-use.
Service scenario: FusionCompute for data center virtualization; HUAWEI CLOUD Stack for hybrid cloud and private cloud; HUAWEI CLOUD for public cloud and hybrid cloud.
Number of services: FusionCompute provides VMs and containers; HUAWEI CLOUD Stack provides 90+ cloud services; HUAWEI CLOUD provides 240+ cloud services.

FusionCompute virtualizes hardware resources. It uses virtual computing, storage, and network technologies to virtualize computing, storage, and network resources. FusionCompute is deployed on servers to virtualize hardware resources so that one physical server can function as multiple servers. In addition, unified interfaces are used to centrally schedule and manage these virtual resources, reducing service operating costs, ensuring system security and reliability, and helping carriers and enterprises build secure, green, and energy-saving cloud data centers.

HUAWEI CLOUD Stack uses FusionSphere OpenStack as the cloud platform to integrate resources in physical data centers. ManageOne is used as the data center management software to manage multiple data centers in a unified manner. The cloud platform and data center management software work together to converge multiple data centers and improve the overall IT efficiency of enterprises. It also provides various cloud services, such as computing, storage, network, security, disaster recovery, and platform as a service (PaaS). In the following HCIP courses, we will introduce them in detail.

Quiz

1.
Which of the following statements are true about challenges faced by traditional IT?
A. Service rollout is slow.
B. Expansion is difficult.
C. It is not reliable enough.
D. The TCO is too high.

2. Cloud computing deployment scenarios include public cloud, private cloud, and hybrid cloud.
A. True
B. False

Answers:
▫ ABCD
▫ A

Summary
⚫ In this course, we have learned:
What IT is
IT development trend
Development of computing and virtualization technologies
What cloud computing is
The benefits of cloud computing
The service and deployment models for cloud computing
About technologies such as virtualization and resource pooling
What some of the main cloud computing vendors and technologies in the industry are
⚫ In the subsequent courses, we will start with basic technologies to help you get a closer look at cloud computing.

Recommendations
⚫ Huawei iLearning https://e.huawei.com/en/talent/portal/#/
⚫ Huawei Support Knowledge Base https://support.huawei.com/enterprise/en/knowledge?lang=en

Acronyms and Abbreviations
⚫ APV: Advanced Power Virtualization
⚫ IaaS: Infrastructure as a Service
⚫ KVM: Kernel-based Virtual Machine
⚫ LPAR: Logical Partition
⚫ PaaS: Platform as a Service
⚫ SaaS: Software as a Service

Thank you.
Bring digital to every person, home, and organization for a fully connected, intelligent world.
Copyright© 2023 Huawei Technologies Co., Ltd. All Rights Reserved. The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements.
Therefore, such information is provided for reference purposes only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.

Virtualization

Foreword
⚫ Virtualization is the foundation of cloud computing, so what is virtualization? What is the essence of virtualization? What are the mainstream virtualization technologies? This course will answer these questions and give you a brief introduction to virtualization.

Objectives
⚫ On completion of this course, you will be able to:
Describe the essence and value of virtualization.
Understand some of the mainstream virtualization technologies.
Grasp basic principles of mainstream virtualization technologies.

Contents
1. Overview
◼ Virtualization
Mainstream Virtualization Technologies

What Is Virtualization?
⚫ Virtualization has a wide range of meanings. Any time you abstract resources from one form into another, that is virtualization: the creation of a logical representation of resources. Virtualization is an abstraction layer that removes the tight coupling between physical hardware and operating systems (OSs).

[Slide figure: before virtualization, each server runs one OS (Windows, Ubuntu, Red Hat) with its apps directly on hardware; after virtualization, a virtualization layer on each server pools the resources, and the OSs (Win10, Ubuntu, Red Hat) with their apps run on that pool.]
⚫ Before: IT resources are independent, and OSs must be tightly coupled with hardware.
⚫ After: Resources are virtualized into a shared resource pool; OSs are decoupled from hardware, and resources are allocated to the OSs from the resource pool.

Virtualization is the foundation of cloud computing. Simply speaking, virtualization allows multiple VMs to run on a physical server. The VMs share the CPU, memory, and input/output (I/O) hardware resources of the physical server, but are logically isolated from each other.
In computer science, virtualization creates an abstraction layer over computer hardware for resource emulation, isolation, and sharing on one or multiple OSs. In essence, virtualization abstracts and simulates hardware resources. Virtualization abstracts a resource into one or more portions through space or time division and simulation.

Important Concepts of Virtualization
Guest OS: the OS running on a VM.
Guest machine: the virtual machine (VM).
Hypervisor: the virtualization software layer, also called the virtual machine monitor (VMM).
Host OS: the OS running on a physical machine (PM).
Host machine: the physical machine (PM) on which the hypervisor and VMs run.

Virtualization History
1964: IBM began to explore virtualization on mainframes.
1972: IBM launched VMs running on mainframes.
1999: VMware launched x86-based virtualization products.
2002: Xen was officially open sourced.
2006: Qumranet first announced KVM.
2007: HP launched HP-UX Integrity VMs.
2008: Microsoft added Hyper-V in Windows Server 2008 R2.
2008: Linux Container (LXC) was launched.
2010: By default, RHEL 6.0 supported KVM as the only virtualization option.
2011: IBM, Red Hat, HP, and Intel formed the Open Virtualization Alliance to accelerate KVM adoption.
2013: Docker was launched.
2014: Rocket was launched.

In 1964, "Big Blue" IBM began experimenting with virtualization on mainframes. In 1972, IBM officially named System/370's time-sharing system "virtual machine". In 1999, VMware introduced the first virtualization product to run on the x86 architecture. In 2002, Xen was officially open sourced, and versions 1.0 and 2.0 were released. After that, Xen began to be integrated as a virtualization solution with Linux distributions such as Red Hat, Novell, and Sun. In 2004, Intel engineers began adding hardware virtualization support to Xen to prepare the necessary software for the upcoming new processors.
Thanks to their efforts, Xen 3.0, released in 2005, officially supports Intel's VT technology and the IA64 architecture. Therefore, Xen VMs can run operating systems without modification. In October 2006, Qumranet officially announced the birth of KVM after completing the optimization of basic functions, live migration, and major functions and performance. In October of the same year, the source code of the KVM module was officially incorporated into the Linux kernel as a part of the kernel source code. Between 2006 and 2010, traditional IT vendors launched their own virtualization products. In 2007, HP introduced Integrity virtual machines, and Microsoft added Hyper-V to Windows Server 2008 R2. In November 2010, Red Hat introduced RHEL 6, a new enterprise edition of Linux, which integrates the latest KVM virtual machines and replaces the Xen integrated in the RHEL 5.x series. In 2011, IBM, Red Hat, HP, and Intel established the Open Virtualization Alliance to accelerate KVM promotion.

Virtualization Types
Full virtualization: The VMM virtualizes the CPU, memory, and device input/output (I/O) without modifying the guest OS or hardware. Full virtualization gives you excellent compatibility, but increases the load on the CPU of the host machine.
Paravirtualization: The VMM virtualizes the CPU and memory, and the guest OS virtualizes device I/O. The guest OS needs to be modified to coordinate with the VMM. Paravirtualization provides high performance but poor compatibility.
Hardware-assisted virtualization: Efficient full virtualization is realized with the help of hardware. Compatibility is good, and guest OSs do not need to be modified. This type of virtualization has been slowly eliminating the differences between the software virtualization approaches.
Virtualization Characteristics
Partitioning: Multiple VMs can concurrently run on the same physical server.
Isolation: VMs running on the same physical server are isolated from each other.
Encapsulation: The VM operating environment is encapsulated into an independent file. Users can migrate VMs by moving files.
Hardware independence: VMs can run on any server. No modifications are needed.

Partitioning: The virtualization layer allocates server resources to multiple VMs whose OSs can be the same as or different from each other. Each OS gains access only to its own virtual hardware, such as the virtual network interface card (NIC), virtual CPUs, and virtual memory, provided by the virtualization layer. Multiple apps run on the same physical server.

Isolation: VMs that run on the same physical server are isolated from each other.
▫ Even if one VM crashes or fails due to an OS failure, application crash, or driver failure, other VMs can still run properly.
▫ If one VM is infected with worms or viruses, other VMs will not be affected, as if each VM ran on an independent physical machine.
▫ Resources can be managed to provide performance isolation. Specifically, you can specify the maximum and minimum resource usage for each VM to ensure that one VM does not use all resources.
▫ Multiple loads, applications, or OSs can run concurrently on one PM, preventing problems that may occur on an x86 server, for example, application or dynamic link library (DLL) conflicts.

Encapsulation: All VM data, including the hardware configuration, BIOS configuration, memory status, disk status, and CPU status, is stored in a group of files that are independent of the physical hardware. This enables users to copy, save, and migrate VMs by copying, saving, and migrating files.

Hardware independence: VMs run on the virtualization layer.
Only the virtual hardware provided by the virtualization layer can be accessed. The virtual hardware is independent of the physical server. In this way, the VM can run on any x86 server (IBM, Dell, HP, and more). No modifications are needed. This breaks the constraints between OSs and hardware and between applications and OSs/hardware.

Advantages of Virtualization
Before virtualization: OSs are bound to physical servers. Migration is difficult and stability unreliable. Scaling is hard and resource utilization low. Servers take up a lot of space and need to be housed and maintained.
After virtualization: OSs are decoupled from physical servers. Migration, scaling, and integration are all easy. Standard virtual hardware consists of a series of files, so security is less work.

CPU Virtualization Issues
⚫ CPU virtualization resolves the following two issues:
Simulation of CPU instructions (all sensitive instructions)
◼ Sensitive instructions: Instructions that can read and write key system resources are called sensitive instructions.
◼ Privileged instructions: The majority of sensitive instructions are privileged instructions, which can only be executed at the highest privilege level (kernel mode) of the processor.
Enabling multiple VMs to share CPUs
◼ CPU virtualization uses a timer interrupt mechanism similar to the timer interrupt mechanism used in native OSs. The timer interrupt triggers the VMM when an interrupt occurs. The VMM then schedules resources in accordance with the preset scheduling policy.

Key system resources: The interfaces presented by processors to software are instruction sets and registers. The interfaces presented by I/O devices to software are status and control registers, collectively called system resources. Registers that affect the status and behavior of processors and devices are called key system resources.
CPU Virtualization

[Slide figure: three x86 privilege models. No virtualization: user applications and user instructions run in Ring 3, the OS kernel in Ring 0. Full virtualization based on binary translation: user applications in Ring 3, the guest OS in Ring 1, and the VMM in Ring 0, which captures, translates, and simulates the guest's privileged instructions. Hardware-assisted full virtualization: user applications in Ring 3 and the guest OS in Ring 0 of non-root mode, with the VMM in root mode.]

FusionCompute uses hardware-assisted full virtualization.

An x86 OS is designed to run directly on raw hardware and therefore assumes that it fully occupies the computer hardware. The x86 architecture provides four privilege levels for OSs and applications to access hardware. A ring indicates the CPU running level: Ring 0 is the highest level and Ring 1 the second highest.
▫ A Linux or x86 OS (kernel) needs to directly access hardware and memory. The OS code needs to run at the highest level (Ring 0) so that the OS can use privileged instructions to control interrupts, modify page tables, and access devices. Application code runs at the lowest running level (Ring 3), where controlled operations are not allowed. If an application wants to perform a controlled operation (for example, access a disk or write a file), it needs to execute a system call. During the system call, the CPU running level is switched from Ring 3 to Ring 0, and the system calls the corresponding kernel code. This way, the kernel completes the device access, and then the CPU running level is switched back from Ring 0 to Ring 3. This process is also described as switching between user mode and kernel mode.

However, this way of working gives rise to a problem. If the host OS is operating in Ring 0, the guest OS cannot operate in Ring 0. Yet the guest OS cannot detect that the host OS is operating in Ring 0.
An error occurs if the guest OS does not have the permission to execute certain instructions it has previously executed. In this situation, the VMM is needed to resolve this problem. The VMM allows VM guest CPUs to access hardware based on the following three technologies:
▫ Full virtualization
▫ Paravirtualization
▫ Hardware-assisted virtualization

Hardware-assisted virtualization technologies for processors include Intel's VT-x and AMD's AMD-V. New instructions and running modes allow the VMM to run in root mode and the guest OSs to run in non-root mode at privilege level Ring 0. Generally, core instructions from the guest OS can reach the hardware and be executed without being transferred to the VMM. When the guest OSs execute special instructions, the system transfers the instructions to the VMM for processing.

For example, the Intel VT technology introduces the VMX root operation mode and VMX non-root operation mode. Generally, the host OS and the VMM run in the VMX root mode, and the guest OS and its applications run in the VMX non-root mode. Both modes support all rings. Therefore, the guest machine can run in its desired rings (Ring 0 for the guest OS and Ring 3 for the applications), and the VMM runs in the ring it requires (for KVM, QEMU runs in Ring 3 and KVM runs in Ring 0). The CPU switchover between the two modes is called VMX switchover. Switching from root mode to non-root mode is called VM entry. Switching from non-root mode to root mode is called VM exit. It can be seen that CPUs are controlled to switch between the two modes and execute the VMM code and guest OS code in turn. For a KVM VM, the VMM running in the VMX root mode executes the VMLAUNCH instruction to switch the CPU to the VMX non-root mode when the VMM needs to execute the guest OS instructions. The CPU then starts to execute guest OS code. This is the VM entry process. When the guest OS needs to exit the mode, the CPU automatically switches to the VMX root mode.
This is the VM exit process. If you look at the figure on screen, you can see that KVM guest OS code is controlled by the VMM and runs on physical CPUs. QEMU does not execute the code itself. It only controls VM code through KVM to allow the code to be executed by CPUs. The CPUs are not virtualized into virtual CPUs for the guest machines to use.

Mappings Between CPUs and vCPUs

[Slide figure: each physical core (PHY kernel 01, 02, 03, ... 1x) provides hyper-threads, and each thread is presented as one vCPU.]

This figure shows the mappings between vCPUs and CPUs. Let's take an RH server with a CPU frequency of 2.6 GHz as an example. A single server has two physical CPUs, each of which has eight cores. Hyper-threading technology provides two processing threads for each physical core. Each CPU has 16 threads, and the total number of vCPUs is 32 (2 x 8 x 2). The total CPU frequency is calculated as follows: 32 x 2.6 GHz = 83.2 GHz. The number of vCPUs on a VM cannot exceed the number of available vCPUs on a computing node agent (CNA) node. Multiple VMs can reuse the same CPU, and the total number of vCPUs running on a CNA node can exceed the actual number of vCPUs.

Memory Virtualization Issues
⚫ Through memory management, a traditional native OS will ensure the following:
The memory starts from physical address 0.
Memory blocks have contiguous addresses.
⚫ This approach to memory management gives rise to two issues:
Start from physical address 0: There is only one physical address 0, which cannot meet multiple concurrent customer requirements.
Contiguous addresses: Although consecutive physical addresses can be allocated, this method of memory allocation leads to poor efficiency and flexibility.
⚫ Memory virtualization resolves both issues.
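The VMX root/non-root modes described above exist only when the processor implements VT-x (or AMD-V, the AMD equivalent). The following C program is an added example, not code from the Huawei training material: it decodes the CPUID feature bits that advertise the two extensions (CPUID leaf 1, ECX bit 5 for VMX; CPUID leaf 80000001h, ECX bit 2 for SVM) and probes the running processor through the GCC/Clang <cpuid.h> helpers. The enum, the function names and the separation into a pure decoding step and a live probe are the example's own choices.

```c
/* Added example (not from the Huawei material): does this CPU advertise
 * hardware-assisted virtualization (Intel VT-x / AMD-V)?
 * Assumes a GCC/Clang toolchain; on non-x86 builds the live probe reports
 * HV_UNKNOWN and only the pure flag-decoding logic is exercised. */
#include <stdio.h>
#include <stdint.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Bit positions as documented in the Intel SDM and the AMD APM. */
#define CPUID1_ECX_VMX_BIT   5   /* CPUID.1:ECX[5]         = VMX (Intel VT-x) */
#define CPUID81_ECX_SVM_BIT  2   /* CPUID.80000001h:ECX[2] = SVM (AMD-V)      */

enum hv_support { HV_UNKNOWN = -1, HV_NONE = 0, HV_INTEL_VMX = 1, HV_AMD_SVM = 2 };

/* Pure decoding step: given the 12-byte vendor string and the two ECX
 * registers, decide which extension is present. Unknown vendors -> HV_NONE. */
enum hv_support decode_hv_support(const char *vendor,
                                  uint32_t leaf1_ecx,
                                  uint32_t leaf_ext1_ecx)
{
    if (strcmp(vendor, "GenuineIntel") == 0)
        return ((leaf1_ecx >> CPUID1_ECX_VMX_BIT) & 1u) ? HV_INTEL_VMX : HV_NONE;
    if (strcmp(vendor, "AuthenticAMD") == 0)
        return ((leaf_ext1_ecx >> CPUID81_ECX_SVM_BIT) & 1u) ? HV_AMD_SVM : HV_NONE;
    return HV_NONE;
}

/* Live probe: read the vendor string (leaf 0: EBX, EDX, ECX in that order)
 * and the two feature leaves, then hand them to the decoder. */
enum hv_support probe_hv_support(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx, edx;
    unsigned int leaf1_ecx = 0, ext1_ecx = 0;
    char vendor[13];

    if (!__get_cpuid(0, &eax, &ebx, &ecx, &edx))
        return HV_UNKNOWN;
    memcpy(vendor,     &ebx, 4);
    memcpy(vendor + 4, &edx, 4);
    memcpy(vendor + 8, &ecx, 4);
    vendor[12] = '\0';

    if (__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        leaf1_ecx = ecx;
    if (__get_cpuid(0x80000001u, &eax, &ebx, &ecx, &edx))
        ext1_ecx = ecx;
    return decode_hv_support(vendor, leaf1_ecx, ext1_ecx);
#else
    return HV_UNKNOWN;
#endif
}

const char *hv_support_name(enum hv_support s)
{
    switch (s) {
    case HV_INTEL_VMX: return "Intel VT-x (VMX)";
    case HV_AMD_SVM:   return "AMD-V (SVM)";
    case HV_NONE:      return "none advertised";
    default:           return "unknown (not an x86 build)";
    }
}

int main(void)
{
    printf("hardware-assisted virtualization: %s\n",
           hv_support_name(probe_hv_support()));
    return 0;
}
```

A set VMX bit only says that the CPU implements the extension; whether firmware has enabled it is recorded in the IA32_FEATURE_CONTROL MSR, which is readable only from kernel mode, so on a Linux host the definitive check is whether the kernel exposes /dev/kvm. Inside a VM the bit is normally hidden unless nested virtualization is enabled, which is why the program reports "none advertised" there.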
Memory Virtualization
⚫ The physical memory of a PM is managed centrally and is partitioned into multiple virtual memories for multiple VMs.
⚫ KVM virtualizes and uses the physical memory and allocates it to VMs as required.

[Slide figure: for VM1 and VM2, a guest virtual address (GVA) maps to a guest physical address (GPA), which maps to a host physical address (HPA).]

In KVM, the physical memory of a VM is the memory occupied by the qemu-kvm process. KVM uses CPU-assisted memory virtualization.

Memory virtualization with shadow page tables:
▫ A memory management unit (MMU) on the host machine cannot directly load the page tables of guest machines for memory access. Address translations are required when a guest machine accesses the physical memory of the host machine. That is, GVAs are translated to GPAs according to guest page tables, then translated to host virtual addresses (HVAs) according to the mappings between GPAs and HVAs. Finally, HVAs are translated to HPAs according to host page tables. With shadow page tables, GVAs can be directly translated into HPAs.
▫ Intel CPUs provide Extended Page Tables (EPT) to support the translation GVA -> GPA -> HPA in hardware, thereby simplifying and enhancing memory virtualization.

To run multiple VMs on a machine, KVM needs to add a GPA, which is not a real physical address. There is a translation layer: GVA -> GPA. However, the guest OS cannot directly access the actual machine memory. The VMM needs to map the guest physical memory to the host physical memory (GPA -> HPA).

I/O Virtualization Issues
⚫ FusionCompute I/O virtualization implements two functions:
Device discovery
◼ FusionCompute controls which devices can be accessed by VMs.
Access interception
◼ VMs access devices through I/O ports or MMIO.
◼ The device exchanges data with the memory through DMA.
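To make the GVA -> GPA -> HPA chain concrete, the following C program is an added example that is not part of the Huawei material. It models each stage as a tiny single-level page table with 4 KiB pages and constructed sample mappings, performs the two-dimensional walk that EPT hardware (or a VMM without shadow tables) performs, and then composes the two tables into a shadow table so that a GVA resolves to an HPA in one lookup. A missing entry in the guest table stands for a guest page fault; a missing entry in the host table stands for an EPT violation, which causes a VM exit. Table contents, sizes and function names are the example's own.

```c
/* Added example (not from the Huawei material): two-stage address
 * translation GVA -> GPA -> HPA, and a shadow page table that collapses
 * it into GVA -> HPA. Single-level tables indexed by page number, 4 KiB pages,
 * eight pages per address space; all mappings below are constructed. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define PAGE_SHIFT   12
#define PAGE_SIZE    (1u << PAGE_SHIFT)
#define NPAGES       8
#define INVALID_PAGE UINT32_MAX        /* "not present" entry */

typedef struct {
    uint32_t frame[NPAGES];            /* page number -> frame number */
} page_table;

/* Constructed guest page table (maintained by the guest OS): GVA page -> GPA page.
 * Page 4 deliberately points at GPA page 6, which the host has not backed. */
static const page_table guest_pt = { { 3, INVALID_PAGE, 5, 0, 6, 1, INVALID_PAGE, 7 } };

/* Constructed host table (EPT, maintained by the VMM): GPA page -> HPA page. */
static const page_table host_pt = { { 10, 12, INVALID_PAGE, 14, 15, 11, INVALID_PAGE, 13 } };

/* One page-table walk: split the address into page number and offset. */
static bool walk(const page_table *pt, uint32_t va, uint32_t *pa)
{
    uint32_t vpn = va >> PAGE_SHIFT;
    if (vpn >= NPAGES || pt->frame[vpn] == INVALID_PAGE)
        return false;                  /* not present: page fault */
    *pa = (pt->frame[vpn] << PAGE_SHIFT) | (va & (PAGE_SIZE - 1));
    return true;
}

/* Two-dimensional walk, as done by EPT hardware or by a VMM on every access. */
bool translate_two_stage(uint32_t gva, uint32_t *hpa)
{
    uint32_t gpa;
    if (!walk(&guest_pt, gva, &gpa))
        return false;                  /* guest page fault, handled by the guest OS */
    if (!walk(&host_pt, gpa, hpa))
        return false;                  /* EPT violation: VM exit to the VMM */
    return true;
}

/* Build the shadow table by composing the two mappings page by page.
 * In a real VMM this must be redone whenever the guest edits its tables. */
void build_shadow(page_table *shadow)
{
    for (uint32_t vpn = 0; vpn < NPAGES; vpn++) {
        uint32_t gpn = guest_pt.frame[vpn];
        shadow->frame[vpn] = (gpn == INVALID_PAGE || gpn >= NPAGES)
                               ? INVALID_PAGE : host_pt.frame[gpn];
    }
}

/* Single lookup through the shadow table: GVA -> HPA directly. */
bool translate_shadow(const page_table *shadow, uint32_t gva, uint32_t *hpa)
{
    return walk(shadow, gva, hpa);
}

/* Consistency check: every page must resolve identically on both paths. */
bool shadow_matches_two_stage(void)
{
    page_table shadow;
    build_shadow(&shadow);
    for (uint32_t vpn = 0; vpn < NPAGES; vpn++) {
        uint32_t gva = (vpn << PAGE_SHIFT) | 0x2A5u, a = 0, b = 0;
        bool ok1 = translate_two_stage(gva, &a);
        bool ok2 = translate_shadow(&shadow, gva, &b);
        if (ok1 != ok2 || (ok1 && a != b))
            return false;
    }
    return true;
}

int main(void)
{
    uint32_t hpa;
    const uint32_t samples[] = { 0x0123u, 0x1000u, 0x2ABCu, 0x4000u, 0x7FFFu };
    for (unsigned i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (translate_two_stage(samples[i], &hpa))
            printf("GVA 0x%04X -> HPA 0x%04X\n", samples[i], hpa);
        else
            printf("GVA 0x%04X -> fault\n", samples[i]);
    }
    printf("shadow table consistent: %s\n", shadow_matches_two_stage() ? "yes" : "no");
    return 0;
}
```

The shadow path trades a cheaper lookup for the cost of keeping the composed table in sync with every guest page-table update, which is exactly the overhead EPT removes by letting the MMU perform the two-dimensional walk itself.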
I/O Virtualization
⚫ I/O virtualization can be considered a hardware middleware layer between server components, OSs, and the available I/O processing units. It allows multiple guest OSs to reuse limited peripheral resources.
⚫ Device virtualization (I/O virtualization) is when you emulate the registers and memory of devices, intercept guest OS access to the I/O ports and registers, and use software to simulate device behavior.
⚫ In Quick Emulator (QEMU)/KVM, guest machines can use emulators, Virtio devices, or PCI devices:
Emulators: devices that are completely emulated by the QEMU software
Virtio devices: paravirtualized devices that implement Virtio APIs
PCI devices: directly assigned

I/O Virtualization - Full Emulation
⚫ Software is used to emulate a specific device. The same software interface is used, for example, programmable input/output (PIO), memory-mapped I/O (MMIO), direct memory access (DMA), or interrupts. Virtual devices that are different from the physical devices in the system can be emulated.
⚫ Multiple context switches are required for each I/O operation.
⚫ Devices emulated by software do not affect the software stacks of the VMs.

[Slide figure: the guest's apps use the native driver; each I/O access causes a VM exit into the hypervisor, where the QEMU device model emulates the device and injects a virtual interrupt (IRQ) back into the VM; the hypervisor's own driver talks to the real device.]

Advantages of I/O emulation:
Low dependency on the hardware platform
Convenient emulation of popular and legacy devices
High compatibility, requiring no additional support from host and guest machines
Disadvantages of I/O emulation:
Poor performance due to the long I/O path and large number of VM-Exits
I/O emulation is applicable to scenarios that do not require high I/O performance or to emulating legacy devices (such as RTL8139 NICs).
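The cost difference between full emulation and a paravirtualized (Virtio-style) device comes down to how often the guest has to trap to the hypervisor. The C program below is an added example, not code from the Huawei material or from QEMU/KVM: it models a fully emulated NIC whose every register access is a trapped MMIO operation (one VM exit each), and a Virtio-style NIC whose driver places descriptors in shared memory and only "kicks" the host once per batch. The register layout, ring size and function names are constructed for the example and do not correspond to any real device.

```c
/* Added example (not from the Huawei material): count VM exits for sending
 * packets through a fully emulated NIC versus a Virtio-style paravirtualized
 * NIC. Both device models and their register layouts are constructed. */
#include <stdint.h>
#include <stdio.h>

/* --- Fully emulated device: every register access traps to the hypervisor --- */
enum { REG_TX_ADDR = 0x00, REG_TX_LEN = 0x04, REG_CMD = 0x08, REG_STATUS = 0x0C };
#define CMD_SEND 1u

typedef struct {
    uint32_t tx_addr, tx_len, status;
    unsigned packets_sent;
    unsigned vm_exits;      /* one per trapped MMIO read or write */
} emulated_nic;

/* Hypervisor-side trap handler for guest MMIO writes (QEMU's role). */
void emu_mmio_write(emulated_nic *d, uint32_t reg, uint32_t val)
{
    d->vm_exits++;
    switch (reg) {
    case REG_TX_ADDR: d->tx_addr = val; break;
    case REG_TX_LEN:  d->tx_len  = val; break;
    case REG_CMD:
        if (val & CMD_SEND) { d->packets_sent++; d->status = 1; }
        break;
    default: break;     /* unknown register: ignored by this model */
    }
}

uint32_t emu_mmio_read(emulated_nic *d, uint32_t reg)
{
    d->vm_exits++;
    return reg == REG_STATUS ? d->status : 0;
}

/* Guest driver for the emulated NIC: 3 writes + 1 status read per packet. */
unsigned emu_send_packets(emulated_nic *d, unsigned n)
{
    for (unsigned i = 0; i < n; i++) {
        emu_mmio_write(d, REG_TX_ADDR, 0x1000u + i * 0x100u);
        emu_mmio_write(d, REG_TX_LEN, 64);
        emu_mmio_write(d, REG_CMD, CMD_SEND);
        (void)emu_mmio_read(d, REG_STATUS);
    }
    return d->vm_exits;
}

/* --- Virtio-style device: descriptors in shared memory, one kick per batch --- */
#define RING_SIZE 16
typedef struct { uint32_t addr, len; } tx_desc;

typedef struct {
    tx_desc  ring[RING_SIZE];   /* shared between front-end and back-end driver */
    unsigned avail_idx;         /* advanced by the guest (front-end) */
    unsigned used_idx;          /* advanced by the host (back-end) */
    unsigned packets_sent;
    unsigned vm_exits;          /* only the notification traps */
} virtio_nic;

/* The kick: the single trapping operation; the back-end drains the ring. */
static void virtio_kick(virtio_nic *d)
{
    d->vm_exits++;
    while (d->used_idx < d->avail_idx) {
        d->packets_sent++;
        d->used_idx++;
    }
}

/* Guest front-end driver: queue descriptors, kick when the ring is full or at the end. */
unsigned virtio_send_packets(virtio_nic *d, unsigned n)
{
    unsigned queued = 0;
    for (unsigned i = 0; i < n; i++) {
        d->ring[d->avail_idx % RING_SIZE] = (tx_desc){ 0x1000u + i * 0x100u, 64 };
        d->avail_idx++;
        if (++queued == RING_SIZE) { virtio_kick(d); queued = 0; }
    }
    if (queued) virtio_kick(d);
    return d->vm_exits;
}

int main(void)
{
    emulated_nic e = {0};
    virtio_nic   v = {0};
    unsigned n = 100;
    printf("emulated NIC: %u packets, %u VM exits\n", n, emu_send_packets(&e, n));
    printf("virtio NIC:   %u packets, %u VM exits\n", n, virtio_send_packets(&v, n));
    return 0;
}
```

With 100 packets the emulated path costs 400 exits and the Virtio path 7, which is the quantitative reason the material lists "reducing the number of VM-Exits" as the main Virtio advantage. The model also shows why Virtio needs a driver inside the guest: the front-end must know the ring layout, so a guest without that driver falls back to emulation.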
I/O Virtualization - Virtio
⚫ Virtualizing special devices
Special device drivers, including the front-end drivers on VMs and the back-end drivers on the hosts
Efficient communication between the front-end and back-end drivers
⚫ Reducing the transmission overhead between VMs and hosts
Shared memory
Batched I/O
Asynchronous event notification mechanism (waiting/notification) between lightweight processes (eventfd)

[Slide figure: the front-end driver in the VM and the back-end driver in the hypervisor exchange data through shared memory; the front end notifies the back end with a hypercall, and the back-end driver talks to the physical device.]

Advantages of Virtio paravirtualization:
Implementing Virtio APIs
Reducing the number of VM-Exits
High execution efficiency of guest machine I/O, better than common I/O emulation
Disadvantages of Virtio paravirtualization:
Low compatibility due to the lack of Virtio drivers in the guest machine (earlier systems do not have the Virtio driver by default, and on Windows the Virtio driver must be installed separately)
High CPU usage when I/O operations are frequent

PCI Device Assignment
⚫ KVM VMs allow PCI and PCI-E devices in the host machine to be attached to a guest VM so that the guest VM can exclusively access the PCI or PCI-E devices. After a device has been assigned to a guest VM by using the VT-d technology supported by the hardware, the guest VM treats the device as if it were physically connected to the VM's PCI or PCI-E bus, and the I/O interaction between the guest VM and the device is no different from the interaction between two physical devices. The hypervisor rarely needs to participate in this process.

[Slide figure: the guest OS process in userspace drives the physical NIC (TX/RX) directly through the Linux kernel KVM module on a hardware platform that supports VT-d or IOMMU.]

PCI device assignment enables guest machines to fully occupy PCI devices. In this way, when I/O operations are performed, the number of VM-Exits is greatly reduced, so that the I/O operations do not get trapped in the hypervisor.
This greatly improves the I/O performance and in fact achieves almost the same performance as a non-virtualized system. Although the performance of Virtio is good, VT-d overcomes the problems of poor compatibility and high CPU usage. However, VT-d has its own disadvantages. Space on a server mainboard is limited, and the number of PCI and PCI-E devices that can be added is limited. If a host machine has a large number of guest machines, it is difficult to allocate VT-d devices to each guest machine independently. In addition, a large number of VT-d devices independently assigned to guest machines increases the number of hardware devices and the hardware investment costs.

Contents
1. Overview
Virtualization
◼ Mainstream Virtualization Technologies

Xen Virtualization
⚫ The Xen hypervisor is the first program that is loaded after a server is started through the BIOS. Then, a VM with specific permissions is started, which is called Domain 0 (Dom0). The operating system of Dom0 can be Linux or Unix. Dom0 controls and manages the hypervisor. Of all the VMs, Dom0 is the only one that can directly access physical hardware such as a storage device and a network interface card (NIC). It serves as a bridge for Domain U (DomU) to access storage devices and NICs through its physical drivers.

[Slide figure: on top of the hardware runs Xen; above it Dom0 (management) with a Linux/Unix kernel and the physical drivers, and DomU VMs with virtual drivers that go through Dom0.]

Xen was initially an open-source research project of XenSource, founded at Cambridge University. In September 2003, Xen 1.0 was released. In 2007, XenSource was acquired by Citrix, and then Xen was promoted by the Xen Project (www.xen.org), whose members include individuals and companies (such as Citrix and Oracle). In March 2011, the organization released Xen 4.1. Xen not only supports the x86/x86_64 CISC CPU architecture that both ESX and Hyper-V support but also RISC CPU architectures (IA64 and ARM).
Xen supports two types of virtualization: paravirtualization (PV) and hardware virtual machine (HVM). PV requires OSs with specific kernels, for example, the Linux kernel based on the Linux paravirt_ops framework (a set of compilation options of the Linux kernel). However, Xen PV does not support Windows OSs because Windows is closed source. There is something special about Xen PV: CPUs are not required to support hardware-assisted virtualization, which makes it applicable to the virtualization of old servers produced before 2007. Xen HVM supports unmodified OSs, especially Windows OSs, and Xen HVM requires CPUs to support hardware-assisted virtualization. All of its hardware (including the BIOS, IDE controllers, VGA video cards, USB controllers, and NICs) is emulated by QEMU. To improve I/O performance, paravirtualized devices replace the emulated devices for disks and NICs in full virtualization. Drivers of these devices are called PV on HVM. To maximize the performance of PV on HVM, the CPU must support MMU hardware-assisted virtualization. The Xen hypervisor layer has less than 150,000 lines of code. In addition, similar to Hyper-V, it does not include any physical device drivers. The physical device drivers loaded in Dom0 can reuse the existing drivers in Linux. Xen is compatible with all hardware that Linux supports.

KVM Virtualization
⚫ KVM is a kernel-based VM.
⚫ The essence of KVM is kvm.ko, a virtualization module in the Linux kernel. It uses Linux to perform operations such as task scheduling, memory management, and interaction with hardware devices.
⚫ KVM is open-source software that was integrated into the Linux 2.6.20 kernel in February 2007.
⚫ In KVM, a VM is a Linux process scheduled by the CPU.
⚫ KVM runs in the kernel space and provides CPU and memory virtualization. It does not perform any emulation. QEMU runs in user space, where it provides virtualization emulation of hardware I/O.

KVM is short for Kernel-based Virtual Machine.
It was originally an open source project developed by Qumranet, which was acquired by Red Hat in 2008. However, KVM is still an open-source project supported by vendors such as Red Hat and IBM. KVM is a kernel-based VM because KVM is a Linux kernel module. After this module is installed on a physical machine running Linux, the physical machine becomes a hypervisor without affecting other applications running on Linux. KVM supports CPU architectures and products such as the x86/x86_64 CPU architecture (also supported by Xen), mainframes, midrange computers, and the ARM architecture. KVM makes full use of the hardware-assisted virtualization of the CPU and reuses many functions of the Linux kernel. As a result, KVM consumes few resources. Avi Kivity, the founder of KVM, claimed that the KVM module had only about 10,000 lines of code. However, we cannot conclude that the KVM hypervisor consists of only that amount of code, because KVM is actually a module that can be loaded into the Linux kernel. It is used to turn the Linux kernel into a hypervisor. A Linux kernel is converted into a hypervisor by loading the KVM module. Linux runs in kernel mode, a host process runs in user mode, and a VM runs in guest mode, so the converted Linux kernel can perform unified management and scheduling of the host processes and the VMs. This is how KVM got its name. KVM history: ▫ In October 2006, Qumranet, an