
Running other code under LINUX

Environment Virtualization

• Citrix/MetaFrame – Virtual desktop under Windows NT. aka Windows Remote Desktop Protocol

• VNC, Dameware – virtual console.

• XWindows – virtual console

• Mac OS RDP – same as Windows.

Hardware Emulation

• IBM – (VM) OS

Also using code:

• Processor virtualization

• Instruction set virtualization.

• Slow. Usually requires OS (re-)installation

• Examples: KVM (uses QEMU), Solaris Domains, DOSBox, DOSEmu

Processor Virtualization

• “Native” or full virtualization: a virtual machine monitor (hypervisor) that mediates between the guest operating systems and the native hardware. Certain protected instructions must be trapped and handled within the hypervisor, because the underlying hardware isn't owned by any one operating system but is instead shared by it through the hypervisor.

• This form usually requires CPUs with virtualization extensions (Intel, AMD) for performance. The only constraint is that the guest operating system must support the underlying hardware. Close to hardware-level performance.

• The biggest advantage of full virtualization is that a guest OS can run unmodified. The OS is usually “ported” to the hypervisor machine. Examples: VMware, Hyper-V.

• Examples: VMware.

Processor Virtualization

• Paravirtualization: uses a hypervisor for shared access to the underlying hardware, but integrates virtualization-aware code into the operating system itself. This obviates the need for any recompilation or trapping, because the operating systems themselves cooperate in the virtualization process.

• Also requires specialized CPU hardware but not to the same level as “native” virtualization. Close to “native” performance.

• Guest OS is (re-)installed to run virtualized.

• Examples: LINUX, User Mode LINUX (UML), Microsoft Virtual PC, VirtualBox Hypervisor.

OS Level Virtualization

• OS Level Virtualization: virtualizes servers on top of the operating system itself. It uses a single operating system and simply isolates the independent virtual servers from one another (code, memory, filesystems).

• Doesn’t use special virtualization hardware

• Uses a lot of underlying OS resources – memory, filesystem space.

• Original concept – BSD “jail”

• Examples: LINUX: “containers”. Solaris “Zones”

Hardware support for virtualization

• IA-32 (Intel) supports four rings of protection, where level 0 (the highest privilege) typically runs the operating system, levels 1 and 2 support operating system services, and level 3 (the lowest level) supports applications.

• In the IA-32 (x86) architecture certain privileged-mode instructions do not trap, and can return different results depending on the mode. This is problematic when attempting to virtualize different operating systems at different levels.

• Hardware vendors have recognized this shortcoming (and others), and have produced new designs that support and accelerate virtualization. Intel’s virtualization technology provides support for both the x86 32-bit (VT-x) and Itanium® (VT-i) 64-bit architectures. VT-x supports two new forms of operation, one for the VMM (root) and one for guest operating systems (non-root). The root form is fully privileged, while the non-root form is deprivileged (even for ring 0).

• AMD is producing hardware-assisted virtualization technology under the name Pacifica. Among other things, Pacifica maintains a control block for guest operating systems that is saved on execution of special instructions. This allows a virtual machine (and its associated guest operating system) to run until the VMM regains control. Pacifica also amends address translation with host and guest memory management unit (MMU) tables.

• These can be used by a number of virtualization techniques, including Xen, VMware, User-mode Linux, and others.

Virtualization Products

• QEMU and similar PC emulators allow operating systems such as Windows or Linux to be run in the user-space of a Linux operating system.
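The VT-x/AMD-V support and the KVM requirements described in these slides can be checked from a shell. This is an added example, not code from the slides: it reads the `flags` line of a cpuinfo-format file (the live /proc/cpuinfo by default) and uses two constructed sample files so it also runs offline; `hw_virt_kind`, `running_as_guest` and `kvm_ready` are names chosen here.

```shell
#!/bin/sh
# Added example (not from the slides): check what the hardware offers before
# relying on "native"/full virtualization or KVM. Reads the "flags" line of a
# cpuinfo-format file (default: the live /proc/cpuinfo).
flags_of() {
    awk -F': ' '/^flags/ { print $2; exit }' "${1:-/proc/cpuinfo}"
}

# vmx = Intel VT-x (root / non-root operation), svm = AMD-V ("Pacifica").
hw_virt_kind() {
    case " $(flags_of "$1") " in
        *" vmx "*) echo "vt-x" ;;
        *" svm "*) echo "amd-v" ;;
        *)         echo "none" ;;
    esac
}

# The "hypervisor" flag means this kernel is itself a guest, so a VM started
# here would be nested under another hypervisor.
running_as_guest() {
    case " $(flags_of "$1") " in
        *" hypervisor "*) return 0 ;;
        *) return 1 ;;
    esac
}

# KVM can only accelerate QEMU if the module exposes a writable /dev/kvm.
kvm_ready() {
    [ -c /dev/kvm ] && [ -w /dev/kvm ]
}

# Constructed cpuinfo fragments (not real captures) so this runs offline.
SAMPLE_INTEL_GUEST="${TMPDIR:-/tmp}/cpuinfo.intel"
printf 'processor\t: 0\nflags\t\t: fpu pae msr vmx hypervisor\n' > "$SAMPLE_INTEL_GUEST"
SAMPLE_AMD_HOST="${TMPDIR:-/tmp}/cpuinfo.amd"
printf 'processor\t: 0\nflags\t\t: fpu pae msr svm\n' > "$SAMPLE_AMD_HOST"

if [ "${1:-}" = "--demo" ]; then
    for f in "$SAMPLE_INTEL_GUEST" "$SAMPLE_AMD_HOST"; do
        printf '%s: %s guest=%s\n' "$f" "$(hw_virt_kind "$f")" \
            "$(running_as_guest "$f" && echo yes || echo no)"
    done
    printf 'live host: %s, /dev/kvm usable: %s\n' "$(hw_virt_kind)" \
        "$(kvm_ready && echo yes || echo no)"
fi
```

Run with `--demo` to print the classification of the two samples and of the machine it runs on.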

• VMware is a popular commercial full-virtualization solution that can virtualize unmodified operating systems.

• Xen is an open source paravirtualization solution that requires modifications to the guest operating systems but achieves near-native performance by collaborating with the hypervisor.

• Microsoft Virtual PC is a paravirtualization virtual machine approach. See also Hyper-V.

• User-mode Linux (UML) is another paravirtualization solution that is open source. Each guest operating system executes as a process of the host operating system.

• coLinux, or Cooperative Linux, is a virtualization solution that allows two operating systems to cooperatively share the underlying hardware.

• Linux-Containers (see also )

• The Linux KVM is virtualization technology that has been integrated into the mainline kernel (not a separate KVM kernel, but it does require PAE support). Running as a single loadable kernel module, it lets a Linux kernel running on virtualization-capable hardware act as a hypervisor and support unmodified Linux and Windows guest operating systems.

What is a container?

• A Linux® container is a set of one or more processes that are isolated from the rest of the system. All the files necessary to run them are provided from a distinct image, meaning that Linux containers are portable and consistent as they move from development, to testing, and finally to production. This makes them much quicker than development pipelines that rely on replicating traditional testing environments. Because of their popularity and ease of use, containers are also an important part of IT security.

• The container that holds your application has the necessary libraries, dependencies, and files, so that you can move it through production without worrying about changes from test/dev/stage migration. In fact, the contents of a container image can be thought of as an installation of a Linux distribution, because it comes complete with RPM packages, configuration files, etc. But container image distribution is a lot easier than installing new copies of operating systems.

• Unlike OS virtualization, which lets your operating systems (Windows or Linux) run simultaneously on a single hardware system, containers share the same operating system kernel and isolate the application processes from the rest of the system. For example: ARM Linux systems run ARM Linux containers, x86 Linux systems run x86 Linux containers, x86 Windows systems run x86 Windows containers. Linux containers are extremely portable, but they must be compatible with the underlying system.

Docker Project/Docker Inc.

• The initial container engine is now known as "Docker Engine."

• Other tools have been added:

• Docker Compose (formerly "Fig")

• Docker Machine

• Docker Swarm

• Kitematic (acquisition)

• Tutum (recent acquisition)

• Founded in 2009.

• Formerly dotCloud Inc.

• Primary sponsor of the Docker Project.

• Hires maintainers and contributors.

• Provides infrastructure for the project.

• Runs the Docker Hub. HQ in San Francisco.

What is Docker?

• In a way, Docker is unlike a virtual machine: rather than creating a whole virtual operating system, Docker allows applications to use the same Linux kernel as the system they're running on, and only requires that applications be shipped with things not already running on the host computer. This gives a significant performance boost and reduces the size of the application.

• Docker is essentially a "snapshot" of the LINUX kernel with a restricted subset of kernel services allowed, isolating an application within a container using only the resources needed to run the app, similar to a Linux container. However, multiple canned Docker "images" can be run to propagate the application among multiple LINUX instances, usually VMs under other hypervisors, and occasionally in the "cloud".

• Docker comes in two flavors: Enterprise Edition EE ($$) and Community Edition CE. Both allow published canned Docker images to be downloaded and used as app containers. There is also the option of generating your own proprietary Docker images.

• The importance of containers is a reflection of the virtualization of environments in private and public virtualized “clouds” (Azure, AWS, etc.).

• See: https://docs.docker.com/engine/docker-overview