上一篇 / 下一篇  2007-12-08 01:48:53 / 个人分类:Linux系统配置

KVM (for Kernel-based Virtual Machine)is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V). It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specific module, kvm-intel.ko or kvm-amd.ko. KVM also requires a modifiedQEMUalthough work is underway to get the required changes upstream.51Testing软件测试网]`q.K N;]`-O

x0syg"dR`*f0Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.51Testing软件测试网KYPqzQzx ?

5xD;J1J,oW&C0The kernel component of KVM is included in mainline Linux, as of 2.6.20.
}3BS4i+{o |051Testing软件测试网7D?6FID$}4c i
KVM is open source software.51Testing软件测试网vfL l_)w.k z9l
51Testing软件测试网[]!S5A J _8N^W

"vqe}(vB}0Linux Gains Two New Virtualization Solutions51Testing软件测试网 D,w0T _b of&} F


The upcoming 2.6.23 kernel has gained two new virtualization solutions. According to KernelTrap, bothXenandlguest have been merged into the mainline kernel. These two virtualization solutions jointhe already merged KVM, offering Linux multiple ways to run multiple virtual machines each running their own OS.

,J e'b d6Ip]P0半虚拟化技术(Paravirtualization):
Pn;J C~~FwK051Testing软件测试网8@yoe4WwZ8e%m
全虚拟化技术(Full Virtualization):51Testing软件测试网5d&f2C7Za
Intel VT虚拟技术( Virtualization Technology):

*mlCW$Mo E2OI0AMD SVM(安全虚拟机, Secure Virtual Machine):

X#f5J2E {y0SB0

Linux Tip: How to Tell if Your Processor Supports VT

51Testing软件测试网 pt(Y1s/Ql&Z)V

Virtualization Technology (VT) is a set of enhancements to newer processors that improve performance for running a virtual machine by offloading some of the work to the new cpu extensions. Both AMD and Intel have processors that support this technology, but how do you tell if your system can handle it?51Testing软件测试网9JR J!BN@6y.s

51Testing软件测试网-^2u p0Jkl

It's quite simple: We'll need to take a peek inside the /proc/cpuinfo file and look at the flags section for one of two values, vmx or svm.51Testing软件测试网}d!P^8C.G+vn`

  • vmx- (intel)
  • svm- (amd)

You can use grep to quickly see if either value exists in the file by running the following command:

pn%v Du3k;i%L0

hDA#V[|;~E0egrep '(vmx|svm)' /proc/cpuinfo

} R+^)wU8r v,}0N0
51Testing软件测试网hND\ sHzO;j

If your system supports VT, then you'll see vmx or svm in the list of flags. My system has two processors, so there are two separate sections:

'Ou+AH@ @"{q0

qy a C ?K0flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cplvmxest tm2 ssse3 cx16 xtpr lahf_lm
d]~4^#T7ovZvUSIK0flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cplvmxest tm2 ssse3 cx16 xtpr lahf_lm


VT technology can still be disabled in your computer's BIOS, however, so you'll want to check there to make sure that it hasn't been disabled. The flags in cpuinfo simply mean that your processor supports it.51Testing软件测试网G;wLr R

_l g)lk-G Ve&xA0c.Z0From my research, VT is required in order to run 64-bit guests under the free VMware server for linux… so it would logically follow that if you can do so, VT is enabled.

oW^ e'l.SHcIL0

.Bq:]&jss032-bit VT is not enabled by default under VMware server. If you want to enable it, you need to add the following line to your *.vmx file for your virtual machine:51Testing软件测试网"c?s/A6w1^(JnI

51Testing软件测试网"v Y W!B!} `EM

monitor_control.vt32 = TRUE


(O w8j6cq6Ov0VMware does not recommend that you use VT for 32-bit guests, because they say it will actually hurt performance.


wk(qTF2ep#X0------------------------------------------------------------------------------------51Testing软件测试网 O bxw-f0_


WHAT IS BOCHS?51Testing软件测试网:Yfu}QG

2hx|.dx0Bochs is a highly portable open source IA-32 (x86) PC emulator51Testing软件测试网jw b(ZQ4X0|
written in C++, that runs on most popular platforms. It includes
K1h@7@f0emulation of the Intel x86 CPU, common I/O devices, and a custom51Testing软件测试网a4a|6L4Xxb/v W
BIOS. Currently, bochs can be compiled to emulate a 386, 486 or
%Y$N*h(t5pZ/M0Pentium CPU. Bochs is capable of running most Operating Systems
#K9i|MH`6R m0inside the emulation including Linux, Windows 95, DOS, and51Testing软件测试网Gz,h+Q[~ O2Psby
Windows NT 4. Bochs was written by Kevin Lawton and is currently51Testing软件测试网'S,idJ~
maintained by the Bochs project at "http://bochs.sourceforge.net".

T.FV-qF'LG&O3X051Testing软件测试网+cN:x [/Mw sV



About PearPC

*C@-DX6fT7L;y0PearPC is an architecture-independent PowerPC platform emulator capable of running most PowerPC operating system51Testing软件测试网I6[ g#U,Zj\]z#u




7M0m-XJ8j/C,Z _A-a0

4\r U0V7Fv:uU0

\$wL S8g9d9vXL0
  • License:GPL
  • Programming language:C++, C and (on x86 platforms) assembler
  • Supportedhostplatforms:POSIX-X11 (Linux, ...), Win32


)T N0p[6hE B2B01.系统(处理器)需求?51Testing软件测试网7t#s Fv RERa

51Testing软件测试网E+Q/c0F `eC,Iwf

  你将需要一台运行最新Linux内核的Intel处理器(含VT虚拟化技术)或AMD处理器(含SVM安全虚拟机技术的AMD处理器, 也叫AMD-V)。51Testing软件测试网Fi#t b1@#w3h8D0F5Y.v

q/Py6q&]O2A0  2.什么是Intel VT/AMD-V?

RXCh)g } xu051Testing软件测试网QK;G p'B

  Intel VT和AMD’s AMD-V是一套与支持该技术的虚拟机监视器相结合的硬件增强特性(指令集扩展)。kvm可在原始硬件速度下通过运行完全隔离的虚拟机来执行任务。


2ail8^(X"^0  3.如何确认处理器含有Intel VT或AMD-V技术?


zxp.Y@0  在最新的Linux内核下运行: egrep ‘^flags.*(vmx|svm)’ /proc/cpuinfo

ZYM1|(n@2P$T H!o051Testing软件测试网d/O%dhk6cW O$x


{:fR pig`.CW0

0[oO&t5L'hgJ0  注:一些厂商禁止了机器BIOS中的VT选项, 这种方式下VT不能被重新打开。51Testing软件测试网 na4ZgHA:Fr
./proc/cpuinfo仅从Linux 2.6.15(Intel)和Linux 2.6.16(AMD)开始显示虚拟化方面的信息. 请使用uname -r命令查询您的内核版本。51Testing软件测试网f#L)S T[t%B

C-N `{$ji \0  如有疑问, 请联系硬件厂商。

%tG1jMKR"V:A051Testing软件测试网3wh Y q9Dh k'vw


51Testing软件测试网j3?mHud j\

  kvm使用稍改动的qemu程序来创建虚拟机. 一旦运行后, 虚拟机是一个标准的进程. 你可以使用top(1),kill(1),taskset(1)和类似的工具来管理虚拟机。51Testing软件测试网;T X2D G v

t%Vu C l9ngLy0  5.kvm支持哪些虚拟磁盘格式?51Testing软件测试网u4Ehi3h&V^xy

51Testing软件测试网`^r)i#[ l,s*o

  kvm从qemu继承了丰富的磁盘格式, 包括裸映象(raw images), 原始qemu格式(qcow), VMware格式和更多。

FOE3sJ u051Testing软件测试网6PM!d7G![6Q9M:Y


,` Eo+bS~T7uh051Testing软件测试网h N N9ktk

  Xen是一个外部的hypervisor程序(虚拟机管理程序);它能够控制虚拟机和给多个客户机分配资源. 另一方面, kvm是linux的一部分, 可使用通常的linux调度器和内存管理. 这意味着kvm更小更易使用。51Testing软件测试网9Q3o/a*`c

W8DDJ8G M0  另一方面, Xen同时支持全虚拟化和半虚拟化(修改过的客户机能有更好的性能). kvm当前不支持半虚拟化。

;S7b"Ne9}FA051Testing软件测试网/\ F7}6Bp

  7.kvm和VMware有何区别?51Testing软件测试网!@ @9Rx;h

)^ {+CKE_0  VMware是一个专利产品. kvm是一个遵守GPL­的自由(开源)软件。

9HC5FUWT Q051Testing软件测试网,~P*A p c8v


a/^xp{T0   Qemu使用模拟器; kvm使用处理器扩展实现虚拟化。

UD0`7m S$f0

A ks |M7CH%W8YA4P0  9.kvm有windows上的版本吗?51Testing软件测试网 zL,T[t*Rk2W0Ey

~E$ZX'p'D0  当前没有。51Testing软件测试网Hd&X1W]E-o3i\



qdrSTPwN ?0

E~U Nc%iL1`0  kvm可以运行在最新的内核版本下(2.6.16或更高, 最好是用最新的内核)

!r j{4c3]0n[0

h&A"m w%M9n8^0  11.我需要多什么RAM(内存)才能运行kvm?


G \@3o/U^1NbA'y Q0  你需要足够的内存在主机上运行单个或多个虚拟机. 建议主机内存至少1GB。51Testing软件测试网`YvYzp(g`

7c N~tR+x&}C0  12.KVM上的虚拟机支持哪些操作系统?

|`K"ci|Hkl051Testing软件测试网6c]%[ B(E7g_

  我们已经测试了Linux(32/64位)和Windows(32位), 其它也许能够运行或不能运行。不支持64位的Windows操作系统, 该问题会在qemu-0.83发布和整合后修复。

6?0h3d3i%Sk(q0  13.KVM支持动态迁移功能吗(在不离线的情况下把虚拟机从一个主机移到另一个主机上)?


eF:x w&]0  现在kvm支持非动态迁移,当内存数据需转移的时候,系统需要停止。动态迁移功能正在开发当中。

2};a uzN1\3P%](T051Testing软件测试网 L$B \ ~7u\

  14.kvm能够在64为主机上运行32位的客户机吗? 什么是PAE?51Testing软件测试网1jQ{h'b*m

51Testing软件测试网o*R&A5beT P1l-f

  kvm支持在64位主机上运行32位客户机, 也可以是任何PAE或非PAE客户机和主机组合。但不支持在32位主机上运行64位客户机。51Testing软件测试网U4Qe&v)}EK

51Testing软件测试网k D `?y?#~4{?k

  15.如果我对一个VM进程使用kill -9将会发生什么?51Testing软件测试网J+hQ4\B1Iywz!g

bU zb mC8?8I P0  从客户机的角度来看,就如你猛地把电源线从主机上拔出一样。从主机的角度来看,进程被杀掉,进程占用的所有资源被施放。

DV0{j-EeRV8P0b051Testing软件测试网(a9Xd6M1Lhv Q-]E r


j"}e |/yw {E E m0

[8b!y7g [3[3m0  支持。51Testing软件测试网j VOc1aw

b&c/mv mM:wK0  17.如何安装windows客户机?

+`LV Yvc}.eb+h t0

pAgKik%l tw0  当前Windows客户机安装存在一点问题,问题在APIC的实现上。现在APIC由qemu来模拟, 而qemu还没有完全整合到kvm虚拟cpu中。我们正加紧在kvm中实现APIC功能。51Testing软件测试网lWmiL W

kl[g&[g*vHT0   到现在, 启动qemu请使用-no-acpi参数,如果你的客户机需使用APIC HAL,建议参考下面步骤:


@!T:\#t7U0  1. 关闭kvm运行客户机(-no-kvm)51Testing软件测试网"e2Jt2?v$t6Z!i!f
My Computer -> Properties -> Hardware -> Device Manager -> [Whatever under Computer] -> Properties -> Update Driver -> Not at this time -> Next -> Install from a list -> Next -> Don’t search -> Next -> Standard PC -> Next.51Testing软件测试网-\5RU v:_4O%w2\0p(\}p
“Standard PC”是无acpi支持的HAL.51Testing软件测试网R*d)k)o-g#Z S

:EB;z/X HdQk0  18.Qumranet提供哪些产品?51Testing软件测试网!V@{8H c.t

Q!w0LK;f#w0  umranet是一家由Qequoia Capital和Norwest Venture Partners (NVP)投资的初创公司,当前公司处于准备运营当中(正在加紧开发公司的产品)。

#mqKv7G W+L0

k] UKs+A$v-G0------------------------------------------------------------------------------------------------------------51Testing软件测试网 A_ ^(o5K}Q0Fs8` i

Virtualization versus paravirtualization


When you create a new VM, it is allocated a chunk of RAM all to itself, and lives completely self-contained from the outside world. VMware even has a virtual BIOS to complete the illusion. If your VM wants to communicate to other VMs on the same computer, it has to do so over a TCP/IP network connection, just like any other machine. In fact, when you install an operating system on a virtual machine, it cannot even tell that itisa virtual machine because it looks identical to raw hardware.51Testing软件测试网u.LffP


The problem with this type of virtualization is that it is very slow. For example, the VM has to access hardware frequently (to save files, show a display, and so on), but of course it cannot access the hardware directly because doing so would interfere with other VMs. Instead, its requests have to be translated and rerouted to the host operating system, where they are handled. Similarly, if the VM tries to execute any special CPU instructions that would reveal that the VM is actually a virtual machine, the host OS has to stop those instructions and fake the answer so that the VM is not any wiser (a technique known asbinary patching).51Testing软件测试网(w vS/e{7K*kZ{ X-K


The solution is to move from virtualization to paravirtualization -- the technique that Xen uses. Linux is open source, so the Xen developers modified the Linux source code so that Linux becomes aware of its existence as a virtual machine. When the virtual Linux needs access to the hardware, it just asks Xen for permission. The difference is huge: You can expect a normal VM to run at about 50% of the speed of a native machine, whereas a Xen virtual machine can run up to about 95%, simply by removing the need for binary patching and other virtual hacks.


dn`]G }0The downside to Xen is that the source code has to be patched, which rules out closed-source operating systems. VMware runs Windows XP on Linux out of the box, but Xen cannot. That said, the new chips from Intel and AMD include virtualization on hardware, which enables Xen to run unmodified Windows at full speed on top of Linux. Without this technology, Xen can use only a modified, open source distribution, such as Linux, NetBSD, or FreeBSD.


How Xen works

&^B?$KPQ[0Xen is actually a very small operating system that has the sole goal of managing the resources of virtual machines. On top of the Xen OS runs what would previously have been called thehostOS -- the main operating system for the machine. Unlike VMware, the host OS (known asdomain 0or justdom0in Xen terminology) is a virtual machine, but has special privileges assigned to it so that it is more responsive.


,L#y)e7ve B0The domain 0 VM is where you control Xen, and where you start other guest VMs -- known asunprivileged domainsordomU. You can start as many as you want, with the only real limit being the amount of RAM in your machine. Because the domU OS is fully aware of its status as a Xen virtual machine, Xen lets you change the amount of RAM in a VM while it's running, with the exception that you can't go above the initial allocation of RAM.


$c/gC.q6D"?D0w0Fedora Linux specifies a minimum system requirement of 256MB RAM, which means that if you are to run Fedora on top of Fedora, you need at least 512MB RAM. Keeping in mind that Xen uses a very small amount of RAM for itself, you should ideally have at least 768MB of RAM to be able to run two operating systems side by side at full speed.51Testing软件测试网"SXryy&w@,P


Note that if you have tried Xen on old versions of Fedora, you no longer need to disable SELinux to get Xen to work.

!U q k u,HG-d0

Installing Xen

51Testing软件测试网F `R/E D

The first step is to convert your current OS to a virtualized guest OS. This is actually a very easy thing to do because, as discussed, domain 0 has special privileges -- such as the capability to access hardware directly. As a result, you do not have to reformat your machine: dom0 reads straight from the disk, uses the graphics card, uses the sound card, and so on.

,VK.K2L0^.NB!B051Testing软件测试网{ T7gEKz]%Q yM

To get started, go to Applications -> Add/Remove Software. From the window that appears, choose List view, and then select the following packages:kernel-xen,vnc, andxen. Thekernel-xenpackage provides a Linux kernel that is configured to run on top of Xen without any special privileges, as well as a Linux kernel designed to be used as dom0 so it can access hardware directly. Thevncpackage is there to make VM management much easier. Finally, thexenpackage gives you all the tools you need to create and manage virtual machines. Along with these packages, there are several other dependencies that Fedora will automatically resolve for you, so just go ahead and install all the packages.51Testing软件测试网F"L }:{^

5P0yR \7jMd&U0Because you have installed two new kernels, Fedora updates your GRUB boot configuration to make them bootable, but leaves your original, non-Xen kernel as the default. Switch to root and bring up /boot/grub/grub.conf in your favorite text editor. Look for the line"default=2"and change it to read"default=0". This might vary on your machine -- set it to the position of the Xen hypervisor kernel in the grub.conf file, remembering that Grub counts from 0 rather than 1. That is, the first OS in the list is considered to be number 0. Note that you should not set the guest kernel as the default because it willnotboot -- it is designed only to be created on top of the hypervisor (dom0).

8gr4k*s4` GC#M'DoI0

qm"TIh @ Q'wA0Save your changes and reboot, making sure that your new hypervisor kernel is the one that boots. Your system should restart as normal, and you will probably not notice anything different beyond a smattering of "XEN" at the very beginning of the boot phase. But when you are back in control, open a terminal and rununame -r. It should tell you that you are running the Xen hypervisor kernel.


_c7g"]K%x:QA0At this point, you are already running as a virtual machine on top of the Xen kernel, but there is no way for you to communicate with the Xen kernel and thus manipulate the virtual machines on the system. To do that you need to start the Xen daemon, which provides the link between dom0 (where you are working) and the Xen kernel underneath.


Runps aux | grep xend. If you do not seexendin the resulting listing, you need to start it yourself by switching to root withsu -and then runningservice xend start. Now run the commandxm list, which prints out a list of all the virtual machines that are running and how much RAM they have allocated -- you should seeDomain-0, which is your current system, in the list.


Setting up guest operating systems

51Testing软件测试网 u \)y#p7EH U

The output fromxm listprobably shows that domain 0 is taking up all the RAM on your system, which means there is no room to create a new guest OS. Fortunately, you can resize that memory usage downward to make space: Run the commandxm mem-set Domain-0 256to have domain 0 use 256MB RAM. This is the bare minimum for a Fedora install, so expect some slowdown -- if you have more than 512MB RAM, we recommend you allocate more to each VM.

r{*Z l8E5]0

K%h {%Q%]uU0Creating a domU VM on Fedora is handled with thexenguest-install.pyscrīpt, which you should run as root. You are asked to do the following things:

L f2`U-b | M3U_d0
  1. e vE%jE.x(BP v0Give your virtual machine a friendly name (for example, FCUnleashed) so that you can differentiate between it and other virtual machines.

  2. 51Testing软件测试网#S T2XW%[i};a

    Allocate it some RAM, with the minimum being 256MB; more is better.

  3. t&pmx Sj-V0Choose where it should save its files. Xen uses a loopback filesystem so that all of a VM's files are stored in just one file on domain 0. Enter something like /home/paul/vms/fcu.img.

    ;DLB zL:a0
  4. 51Testing软件测试网'e,` LW/\3k8E$} FA

    Select how big the virtual disk should be. For a basic install, around 4GB should be enough.51Testing软件测试网-Vn f9g!h\ L P8~'U W

  5. 51Testing软件测试网4n,T;`*K3|'a

    Set the install location (the place from which Fedora should install). This needs to be an online resource, so enterhttp://download.fedora.redhat.com/pub/fedora/linux/core/6/i386.

    |m [wc3U0

Now sit back and wait. Downloading the necessary files can take quite a while, depending on your connection speed.

*RgoF~O;Y0A051Testing软件测试网 Ot.A*ZNFN4xn7R

Once your files have been downloaded, the normal Fedora installer (Anaconda) will start, and will ask whether you want to install using text mode or VNC -- choose Start VNC so that you have a graphical install. Xen's guests do not have direct access to the hardware, which means they have nowhere to display graphics. VNC lets you have your Xen VM render its graphics to your dom0 display inside a window, which means you can work with multiple VMs simultaneously. When you select Start VNC, you are prompted to enter a password. Click OK and you see the VNC address to which you need to connect. This address should look something like, where the :1 is the number of the VNC display.

'z h"H \ t1}Vk051Testing软件测试网E(iR]vo U:x

Back on dom0, you should have installed VNC Viewer at the start of this chapter, so go to Applications -> Accessories -> VNC Viewer. Now enter that address (including the :1 or whatever it is for you) and click Connect. Enter your password when prompted. VNC starts and you see the Fedora installer. Depending on the resolution of your screen, the Fedora installer might not fit entirely on the screen; in that case, you have to use the scrollbars to get around.51Testing软件测试网m,Jd F M


The installer is as normal from here on in, except of course that it is using the virtual disk you created earlier so you have only a small amount of space. It might refer to your hard disk as something like /dev/xvda -- do not worry about that.

op1B8D P"s0

Runtime configuration

L4fWc mlb4M0Now that your guest OS is up and running, you can start trying out more of the features of thexmcommand on dom0. You have already seenxm mem-set, which alters the amount of memory allocated to a machine. This works because the domU VM is aware of its virtualized state and can therefore handle having memory taken away. This extends further: You can usexm shutdown yourvmto have Xen politely request the VM to shutdown. On Linux, this goes through the whole shutdown sequence properly, ensuring that the machine is cleanly terminated. If you want an immediate shutdown, usexm destroy yourvm, but make sure the virtual machine is in a safe state first -- if you have a text file open and unsaved, for example, it will be lost.

'U s0FF`wId0

G-^9c E]1DMC0Thexmcommand can also be used to save snapshots of a virtual machine, rather than just switching them off. To do this, usexm saveyourvm yourvm.state. That command essentially saves the RAM of theyourvmVM (changeyourvmto whatever you called your virtual machine) to a file and then turns off the VM. To restore a saved state, just usexm restoreyourvm.state. If you want to create a virtual machine from a configuration file, usexm create -c yourconfig. Note that Xen searches the directory /etc/xen for configuration files, and that each VM must have a unique name assigned to it and set in the configuration file.

K2Xe-q _M#MJ0x0

%Wm5Y{o)T I)M3b0You can connect to the console of any virtual machine by runningxm console yourvm. To exit from a console, press Ctrl-] (Control + right bracket). This does not shut down the VM; the VM continues to run, but you are no longer connected to it and have to usexm connectto reconnect.


!Mt9s gUI.Xt0TIP:The configuration files in /etc/xen are in text format and so are easily edited. For example, if you want to change the number of CPUs a VM sees, look for thevcpussetting. Note that these arevirtualCPUs rather than real ones -- you can set this to8and have your guest see eight CPUs, even if your actual machine has just one. This is a great way to test a cluster without going beyond your desktop!

S ^~,`"^5~~A051Testing软件测试网;b D6Y.A O"z#[-Rf`0I

Related Fedora and Xen commands51Testing软件测试网;c Vu8C1_9F%Nm'G

51Testing软件测试网x D,Xs|1w

The following commands are useful for working with Xen on Fedora:

  • 51Testing软件测试网PAkZ+UK Jw}n

    virt-manager-- Red Hat's new graphical Xen management system

    2f4MuZf x8wCzre0
  • A'qE;KHB b0vncviewer-- Lets you connect to the graphical output of a Xen VM51Testing软件测试网[M4RyF$^C{ d&l

  • 51Testing软件测试网^\ |O/^ E(XR*}

    xend-- Starts and stops the Xen daemon without using theservicecommand

  • $` `1S{;W&u,y}0xenguest-install.py-- A helpful scrīpt that generates configuration files for you

  • 51Testing软件测试网)my+`X8y i&]']

    xm-- Lets you manipulate the state of virtual machines while they are running

51Testing软件测试网-AWk5\6d%r ~!Ow.{9e8b9r

Copyright © 2007 Pearson Education. All rights reserved.

#Q}*| h5p.]0

0ZVBKNMg0原文链接:http://www.linux.com/feature/11934951Testing软件测试网R b5?jT/s"fb/p

51Testing软件测试网ox"s _5v&u CG


O-i b{;{051Testing软件测试网MP?.g!`S;Tnl

虚拟化技术的方法, 架构和实现概览51Testing软件测试网3~#@UmPJ

级别: 中级51Testing软件测试网7r$pM#t`b
M. Tim Jones [mtj@mtjones.com], 顾问工程师, Emulex
Y~7YfS[P0原文:Virtual Linux
4G*o Qj?.n0译: 赵珂 cn.zhaoke.com51Testing软件测试网VZ7]@W#R'Jh
http://blog.zhaoke.com/45.html51Testing软件测试网;F q6m V!M


^zw S rkH5Z0

"x+]7^ c+Oe{0虚拟化技术的应用十分广泛. 当前虚拟化技术主要关注于服务器的虚拟化, 或在单个主机上寄存多个独立的操作系统. 本文首先介绍虚拟化技术的原理, 然后讨论多个虚拟化技术的实现方法. 另外介绍了一些其它的虚拟化技术, 比如Linux上操作系统级的虚拟化技术.

5R9o%} g4^~]7T051Testing软件测试网x_9j2P)`!kl


ly`C-kEp Q0虚拟化把事物从一种形式改变为另一种形式. 计算机的虚拟化使单个计算机看起来像多个计算机或完全不同的计算机.51Testing软件测试网2{z[ mB}R)d

y2X!m:PP!zz0f0D0虚拟化技术也可以使多台计算机看起来像一台计算机. 这叫做服务器聚合(server aggregation)或网格计算(grid computing).51Testing软件测试网D I r$`B z p%];k


首先我们回顾一下虚拟化技术的历史.51Testing软件测试网(Q ["F;P%R9j6NL



? V~sf#J\^e0虚拟化技术不是一个新的主题; 实际上, 它已有40年的历史. 最早使用虚拟化技术的是IBM 7044计算机, 它是基于MIT(麻省理工学院)为IBM704计算机开发的分时系统CTSS(Compatible Time Sharing System), 和曼彻斯特大学的Atlas项目(世界最早的超级计算机之一), 首次使用了请求调页和系统管理程序调用.

/a(wGA$I pE051Testing软件测试网,_$kv.lU.z3o/P Z

硬件虚拟化51Testing软件测试网Xx$[|D9oa { am1b


IBM早在1960年就认识到虚拟化技术的重要性, 于是开发了型号为Model 67的System/360主机. Model 67主机通过虚拟机监视器(VMM, Virtual Machine Monitor)虚拟所有的硬件接口. 在早期的计算中, 操作系统被称做Supervisor. 能够运行在其它操作系统之上的操作系统被称做hypervisor(名称首次出现在1970年).


2mE J;mE7D_0VMM直接运行在底层硬件上, 允许执行多个虚拟机(VMs). 每一个VM(虚拟机)运行自己的操作系统实例 -- 早期时候称为CMS, 或会话监视系统(CMS, Conversational Monitor System). 然后VM继续发展. 今天你能够在System z9主机上发现VM, 它能够向后兼容, 甚至是System/360.

sJn7g~SM~{!J051Testing软件测试网 p#ni/tI8X*M dr


5m cdyYN.HDH0另外一个早期使用的虚拟化技术, 仿真处理器, 也叫做P-code(or pseudo-code)机. P-code是一种机器语言, 运行在虚拟机上而不是实际的硬件. 知名的P-code语言在1970年由加州大学圣地亚哥分校的Pascal系统项目组开发. 它可以把Pascal程序编译成P-code代码, 然后在具有P-code功能的虚拟机上运行. P-code程序具有高度可移植性, 能够运行在任何具有P-code功能的虚拟机上.


"g&jb/`Y1a/G!k01960年的BCPL语言(基本组合程序设计语言, Basic Combined Programming Language)也使用了同样的概念, 它是C语言的前身. 编译器首先把BCPL代码编译成一个中间机器代码: O-code. 然后, O-code被编译成目标机器代码. P-code模型已被广泛使用到各种编译器当中, 从而为编译器移植到新的主机架构提供了复杂性.(通过一个中间语言分成前端和后端).

-h'J ^!ed l@j051Testing软件测试网eLw6NP.N] hu

Java虚拟机也采用了P-code模型. 从而我们可以简单通过移植JVM程序到新架构的机器上来广泛发布Java程序.51Testing软件测试网.we#SF8\x/e{{Z

a#]$i+i WF W^0指令虚拟化51Testing软件测试网$B7LSu}s&Rg0H9c8s


近来频繁出现的虚拟化概念: 指令虚拟化, 也叫做二进制翻译. 在这个模型中, 虚拟指令被动态翻译成底层硬件的物理指令. 程序执行后, 代码一段一段地被翻译. 如果出现分支, 一套新的代码指令将被引入和翻译. 这十分类似于缓存操作, 指令块从内存移动到本地的快速缓存内存中执行.

q W6})zJ(AD0T051Testing软件测试网*C0xs)wk9K

近来Transmeta公司设计的Crusoe中央处理器使用了该模型. 二进制翻译由Code Morphing专利技术实现. 类似的一个实例, 全虚拟技术通过使用动态生成代码扫描来发现和重定向特权指令(解决特殊处理指令集中的问题).


[ W gIO ky%aZ0虚拟化技术的类型51Testing软件测试网n0^3u&C}"}ck


现在不只存在一种虚拟化技术. 事实上有多种方法可以使用不同层次的抽象来实现同样的结果. 本章介绍Linux上三种最常用虚拟化技术的优点和弱点. 业届有时使用不同的术语来描述同一个虚拟化技术. 为了保持连续性, 下面使用的术语参考了其它的术语.

f/[_Jy6h5]051Testing软件测试网B \v5E;Jv1I


l AWY)eF}0一篇虚拟化技术的文章如果没有提到复合式大型电玩模拟器(MAME)就不是一篇完整的文章. MAME, 就如名字一样, 是一个能够模拟以往arcade游戏的机器模拟器(全部). 做一个补充, 整个机器是被虚拟的, 包括声音和图形还有控制硬件. MAME是一个非常棒的应用程序, 你也可以通过仔细阅读源码来了解它是如何实现的.51Testing软件测试网8n D p(tkZ8VZ&e

51Testing软件测试网5Brv5o ~ J2^l!l


-NCY"e:V"j(Xq(_0无可否认, 最复杂的虚拟化技术是硬件模拟器. 在这个方法中, 首先在主机系统上创建硬件VM, 然后模拟硬件的功能, 如图1显示:


0gL/nR a0H t0图1. 硬件模拟器: 使用VM模拟需要的硬件51Testing软件测试网X-q N2T3r1n)m
51Testing软件测试网#[+r L%xX@

51Testing软件测试网{ WI Hrx

正如你可能猜到, 硬件模拟器的主要问题是速度极慢. 因为每一个指令在底层硬件都需模拟, 所以速度慢了100倍. 高保真模拟还包含了循环校验, 用于模拟CPU的管道和缓存行为, 实际速度会慢了1000倍.51Testing软件测试网 B F~F}U0F!K


硬件模拟有自己的优点. 比如, 使用硬件模拟, 你能够在基于ARM处理器的主机上模拟运行基于PowerPC未经任何修改的操作系统. 你甚至能在每个不同模拟处理器上运行多个虚拟机.51Testing软件测试网m7Ok2E'L1h3g5\ unb4E


b~-w+n1B0硬件模拟器最有意思的一个应用是firmware(固件)和硬件协作开发. firmware开发人员无需等待最新硬件的推出, 他们可以使用目标硬件的虚拟机来验证实际代码中的许多概念.51Testing软件测试网9n Q t+f,O8Z:t!e



8})})l+g c T*sv0全虚拟化(Full virtualization), 也称为原始虚拟化技术, 是另一种虚拟化方法. 该模型使用虚拟机协调客户操作系统和原始硬件(见图2). 这里"协调"是一个关键词, 因为VMM在客户操作系统和裸硬件之间用于工作协调. 一些受保护的指令必须由Hypervisor(虚拟机管理程序)来捕获和处理. 因为操作系统是通过Hypervisor来分享底层硬件.


"^M5I-\Qq0图2. 全虚拟化: 使用Hypervisor分享底层硬件51Testing软件测试网2da|K8A xF:P

H]K od"X)g0

mv7R0R~@,m0全虚拟化的运行速度要快于硬件模拟, 但是性能方面不如裸机, 因为Hypervisor需要占用一些资源. 全虚拟化最大的优点是操作系统没有经过任何修改. 它的唯一限制是操作系统必须能够支持底层硬件(比如, PowerPC).

-[,t T%WtXs1QO051Testing软件测试网1hI-FzK \~zy[up

Ko'A2f MB,}0一些老的硬件如x86, 全虚拟化遇到了问题. 比如, 一些敏感的指令需要由VMM来处理(VMM不能设置陷阱). 因此, Hypervisors必须动态扫描和捕获特权代码来处理问题.51Testing软件测试网W'};][A$V1r"ZYG

51Testing软件测试网op:CA*^ is5`


&E-bEr'BpR051Testing软件测试网6Jn ^`(FC#O~I

半虚拟化(Paravirtualization)是另一种类似于全虚拟化的热门技术. 它使用Hypervisor(虚拟机管理程序)分享存取底层的硬件, 但是它的客户操作系统集成了虚拟化方面的代码. 该方法无需重新编译或引起陷阱, 因为操作系统自身能够与虚拟进程进行很好的协作.51Testing软件测试网xz!qn.J-C

/G3B p @ ZtQ0图3. 半虚拟化: 通过客户操作系统分享进程
M)_"_k V7W*Q051Testing软件测试网E*]2}9oHpfG

"OQ(toW8jKM0上面提到过, 半虚拟化需要客户操作系统做一些修改(配合Hypervisor), 这是一个不足之处. 但是半虚拟化提供了与原始系统相近的性能. 与全虚拟化一样, 半虚拟化可以同时能支持多个不同的操作系统.

1`9f"RV(I H051Testing软件测试网*T's5[U+Qx\([


@ Oq3MGlzq0

k{F+Z0E0最后一个我们需要了解的虚拟化技术是操作系统级的虚拟化(Operating system-level virtualization), 它使用不同于上面的虚拟化方法. 该技术在操作系统之上虚拟多个服务器, 支持在单个操作系统上简单隔离每一个虚拟服务器(见图4).

m/NH,D Z,q051Testing软件测试网/i4kxuj8f

图4. 操作系统级的虚拟化: 隔离单个服务器

}y5A dcl2H}B051Testing软件测试网)m*\Iuk)I

操作系统级的虚拟化需要修改操作系统内核, 它的优点是具有原始主机的性能.51Testing软件测试网3M)V"f!j&s R4c


为什么虚拟技术如此重要?51Testing软件测试网9R4Z'g @X/B|

b`7T4z;It0在了解当今主流的linux虚拟化技术之前, 我们先来看虚拟化技术的优点.51Testing软件测试网w7y*xJTVTKz


从商业角度来看, 使用虚拟化技术有非常多的原因. 不过大多是用于服务器加固. 简单来说, 如果你能够在单个服务上虚拟多个系统, 这样少数的几台计算机显然能够节省耗电, 空间, 冷却和管理开支. 考虑到确定服务器利用状况的困难, 虚拟化技术支持动态迁移(Live Migration). 动态迁移允许操作系统能够迁移到另一台全新的服务器上, 从而减少当前主机的负载.

2N~(y:da j d0

0I4V"A2Qf\ [H0虚拟化技术对开发人员来说也非常重要. Linux内核占用了一个单一的地址空间, 这意味内核或任何驱动程序错误都能导致整个操作系统停止工作. 而通过虚拟化你可以运行多个操作系统, 如果其中一个系统由于错误而宕机, Hypervisor和其它的操作系统不会受到任何影响. 这对调试内核来说就如同调试用户空间程序一样.

H Q!u4Po Wl*m-@051Testing软件测试网(Q O4E i t



"[r Eb g![+JR0表1显示了几个可能加入到Linux(内核)的虚拟化技术, 主要关注于开源.

n mR[v {051Testing软件测试网|$w4Dh9` z

表1. Linux相关的虚拟化项目51Testing软件测试网$I X c#{"I

项目      /        类型      /      许可证
M6K d4fr8~0Bochs              模拟器          LGPL51Testing软件测试网.A)`8r'JZ T0F
QEMU              模拟器          LGPL/GPL
"L;l&?+| H%x`0VMware           全虚拟化        闭源
E/N'LC?0z/VM               全虚拟化        闭源
(iiE*e5X#A0Xen                半虚拟化         GPL51Testing软件测试网 W Q2qSE4I!Z g
UML               半虚拟化         GPL51Testing软件测试网@2f b.F2b'r Yce
Linux-VServer  操作系统级虚拟化  GPL51Testing软件测试网?j)?6V2H g;m
OpenVZ          操作系统级虚拟化  GPL

;QO:[s)}-UQ051Testing软件测试网!u~ t1M^

g:g7t@3W#i0更多其它的虚拟化技术, 请查阅参考资料栏目.51Testing软件测试网#wa&v@ALf*v

51Testing软件测试网}2Of {_T4@



Z U(u A t [q%Q&}P0Bochs是一个仿真x86 CPU的计算机模拟器, 它具有可移植性和可运行在多种平台上, 如x86, PowerPC, Alpha, SPARC和MIPS. Bochs的优点是不仅能模拟处理器, 而且能模拟整台计算机, 包括外设如键盘, 鼠标, 视屏图像硬件, 网卡等.

{m{/n1d5s051Testing软件测试网 x:|y'|Z f

Bochs能被配置成一台老的Intel 386计算机, 或更新的处理器如486, Pentium, Pentium Pro, 或64位处理器. 甚至能模拟图形指令如MMX和3DNow.

|_}.fl.j051Testing软件测试网|xo'{ Ej"\3K*]

你也能够通过Bochs模拟器在Linux系统上运行任何Linux发行版, 还有Microsoft® Windows® 95/98/NT/2000(和多种应用程序), 甚至是BSD操作系统(FreeBSD, OpenBSD,等).

L/?QP%z7Hf(|\y-z051Testing软件测试网Q b:i e'J


T3rg2^M&eG j;r9ZN051Testing软件测试网XGo W7DC

这里没有讨论另一个虚拟化技术, 它通过库来模拟操作系统的一部分. 比如Wine(一部分为linux开发的win32 API)和LxRun(一部分为Solaris开发的Linux API).51Testing软件测试网+D1@G~ U

~4e!yT] ggDG0QEMU(模拟器)51Testing软件测试网#N-\/D:n2lI7IR5o

HR[f w#q n Vd0QEMU是另一个类似于Bochs的模拟器, 它有一些值得注意的地方. QEMU支持2个操作模式. 一个是全系统模拟模式. 该模式类似Bochs模拟整个计算机系统(包括处理器和外设). 而且能在合理的速度下使用动态翻译模拟一些处理器架构如X86, X86_64, ARM, SPARC, PowerPC和MIPS. 你还可以在Linux, Solaris和FreeBSD系统上模拟Windows系统(包括XP)和Linux系统. QEMU支持其它的操作系统组合(更多信息见参考资料栏目).


S SP^'[[^,d0QEMU的第二个模式: 用户模式模拟. 该模式能寄存在Linux上, 不同平台的二进制程序也能运行. 比如, 一个MIPS平台上的二进制程序能够运行在x86平台上的Linux系统. 其它支持的平台包括ARM, SPARC和PowerPC, 而且还有更多正在开发的平台.

%kF g0tBf(O0`F0

5YDTN e8hj!k0VMware(全虚拟化)51Testing软件测试网o7fJ8I-\y


VMware是一个商业级的全虚拟化技术. Hypervisor是客户操作系统和硬件之间的抽象层. 该抽象层允许任何其它客户操作系统运行在主机操作系统之上.

$^w ]G"\2S0

8P oBt#f[pb xh$k0VMware也能虚拟I/O硬件, 增加了高性能设备驱动到Hypervisor中.51Testing软件测试网;Z+kfl(yl


整个虚拟(机)环境实际上是一个单独的文件, 这意味整个系统(包括客户操作系统, 虚拟机和虚拟硬件)可以简单快速地整合到一个新的主机, 从而实现负载均衡.



bK A^*k/mo PA#A!D051Testing软件测试网 BAGE2l7t(B5R

当IBM System z™是一个全新名称的时候, 事实上可以追述到1960年. System/360在1965年使用虚拟机方法实现了虚拟技术. 令人感兴趣的是System z能够与最老的System/360系列主机兼容.

H1cfPvl [c051Testing软件测试网P#r9psY3jWyO

z/VM®是System z操作系统的Hypervisor. 核心程序是控制程序(CP), 向客户机操作系统提供硬件资源虚拟, 包括Linux(见图5). 允许在多个客户操作系统上虚拟多个处理器和其它资源.


5T"l(` p1[$o s0图5. 使用z/VM的操作系统级虚拟化技术51Testing软件测试网 l.l3X0l%aq#\*V*L

| PEb(M,IG0

,{:?/v A#_0z/VM可以为那些需要相互通讯的客户操作系统虚拟一个客户局域网(LAN). 整个客户局域网位于Hypervisor中, 所以很安全.51Testing软件测试网wc8wBd


Xen(半虚拟化)51Testing软件测试网y2J#D}B0V ]-g


Xen由XenSource开发, 一个开源免费的操作系统级准虚拟技术. 回顾一下半虚拟技术, Hypervisor和操作系统共同协作, 虽然操作系统需要做一些修改, 但是性能上比较接近于原始性能.51Testing软件测试网({:^vD&Xm}

51Testing软件测试网;H"va lB$Jn

Xen需要与系统共同协作(客户操作系统需要修改), 只有打过补丁的系统才能使用Xen. 从Linux角度来看, Linux本身是开源的, 结果是Xen的性能要好于全虚拟化技术. 但是从系统支持(比如支持其它非开源的操作系统)的角度来看, 这显然是一个不足之处.51Testing软件测试网?GS_1R"k

51Testing软件测试网9A D N"a$jI5bb;Pu

在Xen上可以运行Windows客户机, 但需要Intel Vanderpool或AMD Pacifica处理器的支持. 其它支持的操作系统包括Minix, Plan 9, NetBSD, FreeBSD, 和OpenSolaris.51Testing软件测试网J8fFr3P.F'e

51Testing软件测试网g0d/vQ t r:XQ)H


.YV1u UNt0

P8kr2[;i``0用户模式Linux(UML, User-Mode Linux)支持在linux系统的用户空间运行其它Linux操作系统. 每一个客户操作系统是主机Linux系统上的一个标准的进程(见图6). UML允许多个Linux内核(有自己的用户空间)运行在单个Linux内核之中.


| j1Zo!}*^U7s0图6. 用户模式Linux: Linux寄存51Testing软件测试网0}\#w5By"@}


v NJ2K4sIL D0在Linux 2.6内核中, UML存在于主内核树中, 但是必须打开和重新编译才能使用UML. 一些修改包括, 设备虚拟, 允许客户操作系统分享存在的物理设备, 比如块设备(磁盘, CD-ROM, 和文件系统), 控制台, 网卡, 声卡等.51Testing软件测试网m-Q\?ML-z1\

w,\n&x6Qm+I0注: 客户操作系统内核运行在用户空间模式, 内核必须专门编译才能在客户系统中使用(可与主机操作系统内核版本不同). 整个主机存在两套内核, 一个是主机内核(直接位于物理硬件之上), 另一个是客户内核(运行在主机内核的用户空间之中). 这些内核甚至可以相互嵌套, 允许客户机内核运行在另外一个客户机内核之中.

"Q*F ~r:\051Testing软件测试网 ]S(ha*ck`

Linux-VServer(操作系统级虚拟化)51Testing软件测试网|y`/|@}&~ k

51Testing软件测试网 nW;Lh8ZbD

Linux-VServer是操作系统级的虚拟化解决方案. Linux-VServer虚拟Linux内核, 可以有多个用户空间环境, 也称做虚拟专用服务器(VPS), 各个VPS各自独立运行. Linux-VServer是通过修改Linux内核来隔离用户空间.

1C:IM8B2Mq$x%Lo)I051Testing软件测试网K ~;];l,gQS*x5N

为了隔离每个单独的用户空间, 我们先了解上下文环境. 上下文是一个VPS进程的容器, 因此我们可以使用ps等工具来了解vps进程的状况. 系统首次初始化后, 内核定义了一个缺省的上下文, 管理端能够查看所有的上下文(所有正在执行的进程). 你会猜到, 内核和内部数据结构需做一些修改来支持虚拟化.51Testing软件测试网1e2Xox b }u `

x(y-U }*cQr0Linux-VServer使用chroot隔离每个VPS的root目录. 我们知道chroot允许指定新的root目录, 但需额外的功能(叫做chroot-Barrier)来限制VPS不会跨越到上级目录. 在设定一个隔离的root目录后, 每一个VPS有自己的用户列表和root口令.

H.XFpYdJ0^ M051Testing软件测试网+| sW[(}T

Linux 2.4和2.6内核支持Linux-VServer, 可运行在许多平台上, 包括x86, x86-64, SPARC, MIPS, ARM和PowerPC.51Testing软件测试网"D:z'_ v|pZ!W



OpenVZ是一个类似于Linux-VServer的操作系级级虚拟化解决方案. 它有一些自己独特的地方. OpenVZ是一个内嵌虚拟化的内核(修改过的), 它支持用户空间隔离, 虚拟专用主机(VPS)和一套用户管理工具. 比如, 你可以通过下面命令简单创建一个新的VPS:51Testing软件测试网l3z^ D R `;d

k2Wa%]4J.cf0列表1. 从命令行创建一个VPS

,f6k%U?f3o051Testing软件测试网Gf@$A Z!v_)DD)y

$vzctl create 42 --ostemplate fedora-core-451Testing软件测试网w$TWyPP-Ig
Creating VPS private area 正在创建VPS专用区域
,LlGn2b\0VPS private area was created VPS专用区域成功创建51Testing软件测试网:]rX\y4p{V
$vzctl start 42
"X| |J/]|0Starting VPS ... 启动VPS
`8C] \G Y3p*t0VPS is mounted 加载VPS分区

J Gq'q Uc [y}c051Testing软件测试网2H'M F@0k5U

你也可以使用vzlist命令列出所有已创建的VPS, 这有点类似于标准的Linux命令ps(查看进程的状态).

Cx9E;Z'~'^BI051Testing软件测试网J Z.FC$o%? Y0[

OpenVZ包含一个两级的CPU调度器来调度进程. 首先, 调度器确定需要使用CPU的VPS. 然后第二级调度器根据进程的优先级来执行vps进程.

xxM:g ]x#B5z1]~0

/l [w"S h0OpenVZ支持beancounters. 一个beancounters包含了定义vps资源属性的许多参数. 这为vps提供了控制, 定义多少可有内存, 多少可用IPC资源, 等.

5z,Wf$_*V H;\051Testing软件测试网0^bb+nW

OpenVZ独特的地方是能够设置检查点和vps迁移(从一台服务器迁移到另一台服务器). 检查点能够停止正在运行vps并保存当前状态到一个文件. 该文件在迁移过程中可用于在新服务器上恢复运行VPS.51Testing软件测试网U]-}8}d"nJ

Y_p]sw]6r-{Mq0OpenVZ支持许多硬件结构, 包括x86, x86-64, 和PowerPC.

|l4d,H1L7B M!KiK051Testing软件测试网7vC{f'@`` i


pD4y q1T'Tb\ |051Testing软件测试网h0T2Q)VNo \ s?2z

回顾一下IA-32(x86)体系结构上存在的一些问题. 某个特权指令不能够引起陷阱, 可基于模式返回不同结果. 比如, x86的STR指令可以获取安全状态, 但返回值是基于特别请求者的权限级别. 当试图在不同级别虚拟不同操作系统的时候是一个问题. 比如, x86支持4环保护, 0级(最高权限)通常运行操作系统, 1和2级支持操作系统服务, 3级(最低级别)支持应用程序. 不过硬件厂商已经认识到这些问题(和其它的问题), 而且开发了新的设计来支持和加速虚拟化技术.51Testing软件测试网THrfB/n"Qp

51Testing软件测试网Rn'sa%mw`V ]r/@

Intel正在开发新的虚拟技术, 能在x86(VT-x)和Itanium(VT-i)结构上支持Hypervisors. VT-x支持两个新的操作. 一个是VMM(root), 另一个是客户操作系统(非root). root方式具有最高权限, 而非root方式是非特权的(甚至ring 0). 结构方面也支持自定义指令(使用vmm)终止VM(客户操作系统)和保存处理器状态. 其它功能请查阅参考资源栏目.51Testing软件测试网j+yx wOt GX

X&f d8K#g+d e x!S0AMD也正在开发硬件级的虚拟化技术, 代号为Pacifica. Pacifica维护了一个客户操作系统的控制块(通过特殊指令保存执行状态). VMRUN指令允许虚拟机(和它相联系的客户操作系统)运行直到VMM重新获得控制权(可自定义). 可配置性允许VMM为每一个客户机自定义权限. Pacifica也能使用主机和客户机内存管理单元(MMU)表来提高地址翻译.51Testing软件测试网'`Ps&RN4v_Z nVM!N

SX ]` Q&i we1Z0这些硬件虚拟化技术能够应用到许多的虚拟化技术当中, 包括Xen, VMware, User-mode Linux, 和其它的.

so)K_z ecZ#RQ1Z0

-byeO6qO{j2goR0Linux KVM(内核虚拟机)


/vRMzd8R#K CY|0最近的Linux新闻经常报道Linux 2.6.20内核增加了KVM虚拟化技术. KVM是全虚拟化的解决方案, 它的特点是系统内核通过添加内核模块使内核自身成为一个Hypervisor(虚拟机管理程序). 内核中的KVM模块通过/dev/kvm字符串设备显示被虚拟的硬件. KVM使用修改过的QEMU进程做为客户操作系统接口.51Testing软件测试网t(g[-r.i.\1L

7VWi8w1q:}$R*z0图7. KVM的虚拟化
[| e(b{ h0


|/ME7B;d:yF0KVM模块向内核增加了一个新的执行模式: 客户模式. 官方原始内核(vanilla kernel)支持内核和用户模式. 客户模式用于执行所有非I/O客户代码, 普通用户模式支持客户I/O.

&U`4|C+?t"~~9}{(B051Testing软件测试网1bM \Gn

增加KVM到Linux内核是Linux发展的一个重要里程碑, 这也是第一个整合到Linux主线内核的虚拟化技术. KVM将包含于2.6.20内核数中, 现在你也可以通过内核模块方式在2.6.19内核使用kvm. 当运行在支持的硬件(需Intel VT和AMD SVM处理器)上, kvm支持Linux(32和64为)和Windows(32为)客户机. 更多KVM信息, 请查阅参考资源栏目51Testing软件测试网3eR-i'\3r.Q



bAE }-Ux)hS0虚拟化技术是一个新的而且重要的领域, 如果"新"包括了过去的40年. 在过去它已经使用于许多场合, 但是现在最主要的一个焦点是服务器和操作系统的虚拟化. 比如像Linux, 虚拟化给性能, 可移植性和复杂性提供了许多选项. 这也意味者你能够为你的应用程序和项目选择最合适的虚拟化方法.51Testing软件测试网zQ p c r,k5s

51Testing软件测试网B\Qpr D

参考资源51Testing软件测试网4_ [._,l9Sv?#bt

51Testing软件测试网SM-wX7pr _

学习51Testing软件测试网!|d3] O TwM


您可以参阅本文在 developerWorks 全球站点上的英文原文51Testing软件测试网 R*KO z~y

$A6m}ov:` Af0如果你不熟悉IBM系统,New to IBM Systems页面提供了大量有关System i, p, x, z,等的详细信息.

Wb$Rx I:\Q0

s.T,f/C5m7~0IBM的网格计算基于一套开放的标准和协议, 通过虚拟分布式的计算机来创建一个单一强大的系统.

?^N Qk051Testing软件测试网-fC1Q6rD6w4D/o~y

developerWorks Linux 专区中可以找到为 Linux 开发人员准备的更多资源.


6?!V~dFlwk0随时关注developerWorks 技术事件和网络广播.



k"`2r2ab-C Vm7Ks051Testing软件测试网+|d[4^e t.Hu Y

BochsQEMU是PC模拟器, 允许如Windows或Linux运行在linux操作系统的用户空间.51Testing软件测试网L"f&\S5o%V;m

|*|2U-Jb'y}U0VMware是一个流行的全虚拟化解决方案, 能够虚拟无需修改的操作系统.51Testing软件测试网7}T1L6d#xv\t

8g } k,m6Vu-Hc0z/VM是一个最新的基于64位z/架构的虚拟机操作系统. z/VM提供全虚拟化和支持大多的操作系统, 包括Linux.51Testing软件测试网`ia\!a5Mo4B

51Testing软件测试网p1V,lc&}7EP P

Xen是一个开源的半虚拟化解决方案, 需修改客户机的操作系统, 通过与hypervisor的协作能获得接近于原始系统的性能.51Testing软件测试网*wL&? zz G-Is

.P ^7^CcX0User-mode Linux是另外一个开源的半虚拟化解决方案. 每一个客户操作系统是主机操作系统的一个标准进程.51Testing软件测试网zj\}C

DQ}'ji5]?0coLinux, 或协作Linux, 是一个提供两个操作系统共同分享底层硬件的虚拟化解决方案.51Testing软件测试网!q%T0{'B0l&[l/R

51Testing软件测试网Py7AXKPB4n M

Linux-Vserver是一个linux上的操作系统级的虚拟解决方案, 每一个客户服务器都被安全的隔离开来.51Testing软件测试网-p u c+W h]0O!gG

G'M^9?t4}2t0OpenVZ是一个操作系统级的虚拟化解决方案, 支持检查点和动态迁移.51Testing软件测试网7b^.J/X)p5si {Q

51Testing软件测试网oW1Z+g T

Linux KVM是第一个整合到Linux主线内核的虚拟化技术. Linux内核在载入一个内核可加载模块(kvm)后, 内核自身成为了一个Hypervisor程序, 如果有合适的硬件支持(Intel VT或AMD SVM处理器), 系统可运行未修改过的linux和windows客户机操作系统.


订购免费的 SEK for Linux,这有两张 DVD,包括最新的 IBM for Linux 的试用软件,包括 DB2®、Lotus®、Rational®、Tivoli® 和 WebSphere®.


ePA:Z0|$q I_ D-a0在您的下一个开发项目中采用IBM 试用软件,这可以从 developerWorks 上直接下载51Testing软件测试网4| @4?g4aS M


%bFQ w}'f051Testing软件测试网P0s8u8cm2R$R G

通过参与developerWorks blogs加入 developerWorks 社区。51Testing软件测试网'\,{P`EL(r



Z4?[ {T ~HId x0Tim Jones 是一名嵌入式软件工程师,他是 GNU/Linux Application Programming、AI Application Programming 以及 BSD Sockets Programming from a Multilanguage Perspective 等书的作者。他的工程背景非常广泛,从同步宇宙飞船的内核开发到嵌入式架构设计,再到网络协议的开发。Tim 是 Emulex Corp. 的一名资深软件工程师。51Testing软件测试网,Uy&^ O)r*T


KVM虚拟化常见问题51Testing软件测试网T5Er-p"l hvE}
用户友好的Linux虚拟技术: KVM51Testing软件测试网4YS@ IC%I*I
KVM: 基于内核的虚拟驱动51Testing软件测试网7W I-p#p8btPK{
Linux内核2.6.20增加虚拟化解决方案KVM51Testing软件测试网S X Q*G$f`5CF9S7iI$_


)gy A"\7p7G}0转载请保持文章完整性, 欢迎到blog.zhaoke.com网站与赵珂交流.


TAG: 虚拟机 Linux系统配置 virtualization KVM Xen lguest QEMU Bochs PearPC Multi-tenancy





:loveliness: :handshake :victory: :funk: :time: :kiss: :call: :hug: :lol :'( :Q :L ;P :$ :P :o :@ :D :( :)

Open Toolbar