Development of Software for Virtual Machines

By Thomas Burger

This paper discusses why an independent software vendor should develop software for virtual machine environments and the software techniques that maximize software performance in a virtual machine environment and take advantage of Intel® Virtual Technology. Also discussed are the benefits of using virtual machines in software development and distribution.

Introduction: Why should an independent software vendor (ISV) develop for virtual environments?

The use of virtual machine (VM) technologies is becoming the industry norm. Virtualization is being used by a growing number of organizations to reduce server growth (and the associated power use, air conditioning, building space and land requirements), provide high availability for critical applications, and streamline application deployment and migrations. Virtualization can simplify IT operations and allow IT organizations to respond faster to changing business demands. Customers want to save money, increase their efficiency and free up valuable resources to take advantage of new opportunities.

VM is becoming the standard container for software distribution and packaging vehicle of choice for developers. It provides a straightforward mechanism that allows promotion of application best practices into a distribution package, dramatically simplifying the out-of-box experience for the user and support issues for the developer. Guaranteed environment integrity increases customer satisfaction and reduces vendor support costs.

Oracle* has had the 10g product available as a VM configuration for several years.

Virtual machine software costs have reduced, computer capacities and speeds have increased and hardware like Intel® Virtual Technology has added greater speed and capacity to virtual machines; Advances such as Virtual SMP - multiple CPU VMs are now available and tools are available for converting physical machines to virtual ones or making copies of virtual machines.

Finally, virtual machine software adds security. Each VM is isolated from the other and a crash or virus compromisation in one VM will not affect any other.

What does a virtual environment look like?

An operating system running on a physical computer controls the computer's hardware and only one operating system can control the hardware at any given time. Virtual machines get around the "one computer, one operating system" limitation using software called a virtual machine monitor (VMM) to allocate physical hardware resources to the virtual machines. The VMM allocates resources to each virtual machine's emulated hardware.

This diagram was copied from the Intel owned document: IntelrVirtualization Technology: A Roadmap Overview and Update by Rich Uhlig, Senior Principal Engineer, Corporate Technology GroupSession IVTS001 c2006 Intel Corporation

Using VM in Software Development

Software developers can realize benefits from the use of virtualization in several ways:

Sandboxing - A VM can be set up with specific configurations to ensure environment integrity for development and testing.
Disaster Recovery and High Availability - Crashed system can be very quickly restored from a virtual image. Secondary standby virtual machines take up no resources other than drive space and can be launched immediately when required.
Forensic Analysis - A snapshot of the virtual image can allow quick recovery and investigation of instabilities in beta tests.

Saving Resources

Physical resources are conserved by being able to a single machine to develop and/or test software in a variety of environments and platforms. It’s not just the initial purchase cost, computers use space, power, and maintenance resources.

Complex projects where environment portability is often an issue and testing needs to be done in many platforms. Virtual machines save time when duplicating a particular environment. A library of virtual hard disks that are pre-loaded with specific sets of software can be created so development and test teams can clone the disks and quickly replicate a particular environment. In the case of a crash the effort of reproducing the development environment is eliminated.

Security

Corporate security and standards can easily be met with a development environment deployed in a VM. A VM image can be shared with colleagues or used to create a VM on personal computer at home “sandboxing” the virtual machine, isolating it from your personal computer, to satisfy corporate security requirements.

New tools for software development and testing can be installed on a virtual machine without jeopardizing a primary setup. A copy of the standard environment is created on a new virtual machine and the new tools can be installed to see how they perform without jeopardizing a build.

Efficiency

Since all of the software is in virtual containers it can be move easily moved from virtual test environment to production easing migration from development to Q&A and the to the production environments.

Using virtual machine based development allows development and QA teams to use products like VMware Lab Manager, a Virtual Lab Automation (VLA) System providing self-service management of virtual machines for. A VLA increases productivity by reducing the time spent building, maintaining and re-building VM environments.

Limitations

A VM shares physical resources with other running virtual machines and carry some processing overhead. Because they contend for resources a VM should not be used for performance and stress testing application designed to be on non-VM platforms.

Using VM in Software Deployment

Selling pre-configured systems as VM images where the OS and all of the required software isare in place results in support reduction with guaranteed correct configurations.

Support costs are reduced because while it is very often difficult to reproduce problems due to subtle differences in client and developer platforms, a virtual machine allows an image of the VM to be downloaded and examined.

Applications that benefit from VM Platforms

It is best to avoid high performance and high demand applications, such as database servers, where overheads need to be kept to a minimum and machine utilization is close to complete. Some examples of areas where using VM would be a perfect solution are Web servers, DNS servers, application servers, email servers and any networked application that is idle or little used most of the time.

Advantages of VM enabled and IVT Optimized Software

Software developed and configured to be VM enabled and optimized for IVT will run better and faster in a VM platform. By avoiding techniques that burden the VMM and by utilizing the attributes of IVT, such software will have a great advantage competing for performance aware customers.

Developing and Configuring Apps for VM

The first rules of VM software development are:

VM is memory sensitive
VM is device I/O sensitive - This is taken for granted in the physical world. A VMM must create and manage virtual devices.
Process creation and destruction - In a virtual system the overhead is greater, the VMM handles the book keeping on creation and the VMM needs to do cleanup on destruction.
Other VMs are waiting for CPU time. Avoid using techniques that hog the CPU.

Don’ts:

Memory mapped I/Os and Device mapped I/Os: When an I/O call is made, the VMM has to perform a lot of bookkeeping to keep the Cache, Memory and Disk in sync. If the number of VMs are more on the system, then every time the VM gets de-scheduled, the VMM has to save the Memory state in addition to other book keepings and then bring everything back into context when the VM gets scheduled. So, performance will degrade if the application is dependent on making such kind of calls.
Creating and destroying processes: Process creations are taken for granted in a native environment since the OS owns the Platform. In a Virtualized environment, the VMM needs to keep track of the processes for the VM and in addition to that, even other VMs running on the platform. Each time a process gets created, the pages in memory needs to be created, the registers associated with that process needs to be virtualized and the overhead increases. Similarly, the VMM needs to run a cleanup when the process gets destroyed.
Loops that soak CPU cycles: A harmless while (1) loop in a native environment will have miniscule or no impact on the application. But that is because the application has the whole platform to itself. In a virtualized world each VM is competing for resources, especially CPU resources with other VMs. So, a while (1) loop in a VM can mis-lead the VMM into giving the VM a CPU when it actually doesn’t need it.

Dos:

Memory and Device: Excessive use of memory mapped functions should be avoided if possible.
Use process pooling to be efficient and to stay in the guest OS. Process pooling would increase the book keeping at the programmer’s end but that would mean faster recovery from a context switch.
Give CPU cycles back to the machine when possible. Use of timers and signaling techniques can release the VM’s CPU cycles.

Type of Application Problems and Methods to reduce them

Input and output int ensive applications

Lots of data I/O raises contention in the VMM. Try to minimize data I/O.

Network intensive applications

Use multiple VMs and split traffic across multiple physical NICs (Network interface cards) mapped to virtual NICs.

Disk intensive applications

If the application is disk intensive, then make sure that the VM is residing on a storage area network (SAN). The data drives should be kept on a separate logical unit number (LUN - an address for an individual disk drive) on the SAN than the OS drive. If there is a large difference in performance when running on a native platform, the LUNs on the SAN can be converted as raw disks [1]. This will maximize the IO performance.

If there are multiple VMs having the same IO characteristics, then make sure that they are on different LUNs on the SAN.

Optimizing for Intel® Virtual Technology

Using IVT helps to solve the above problems by reducing the overhead that software only VMMs suffer from.

Using IVT will:

Reduce VMM Complexity

Close hardware “virtualization holes” by design
Reduce need for device-specific knowledge in VMM
Enhance Reliability and Protection
Provide new control over device DMA and interrupts
Improve Functionality
Provide support for legacy (unmodified) guest OSes
Enable pass-through access to I/O devices (where appropriate)
Increase Performance
Eliminate unnecessary transitions to VMM
New address-translation mechanisms (for CPU and devices)
Reduce memory requirements (translated code, shadow tables)

What Intel Provides the ISV - Intel VT Development Tools

Architecture and Hardware

Intel has been a leader in silicon technology for over three decades, consistently advancing logic processes for higher processor speeds and performance, and researching new materials and architectures. Intel’s history of innovation continues with new platforms that enable new opportunities. One of the newest, Intel® Virtualization Technology (Intel® VT), is a set of hardware enhancements to Intel® server and client platforms that can improve traditional software-based virtualization solutions. Intel VT components include:

VT-x - Intel® Virtualization Technology for the IA-32 architecture augments IA-32 with two new forms of CPU operation: VMX root operation and VMX non-root operation. VMX root operation is intended for use by a VMM, and its behavior is very similar to that of IA-32 without VT-x. VMX non-root operation provides an alternative IA-32 environment controlled by a VMM and designed to support a VM. Both forms of operation support all four privilege levels, allowing guest software to run at its intended privilege level, and providing a VMM with the flexibility to use multiple privilege levels. With VT-x, every transition between guest software and the VMM can change the linear-address space, allowing guest software full use of its own address space. The VMX transitions are managed by the VMCS, which resides in the physical-address space, not the linear-address space.

< strong>VT-i - Intel® Virtualization Technology for the Itanium architecture provides the VMM with a virtual-address bit that guest software cannot use. A VMM can conceal hardware support for this bit by intercepting guest calls to the PAL procedure that reports the number of implemented virtual-address bits. As a result, the guest will not expect to use this uppermost bit, and hardware will not allow it to do so, thus providing the VMM exclusive use of half of the virtual-address space. With VT-i, a VMM can use the virtualization-acceleration field in the VPD (virtual processor descriptor) to indicate that guest software can read or write the interruption-control registers without invoking the VMM on each access. The VMM can establish the values of these registers before any virtual interruption is delivered and can revise them before the guest interruption handler returns.

VT-d - Intel® Virtualization Technology for Directed I/O is the next important step toward comprehensive hardware support for the virtualization of Intel® platforms. VT-d extends Intel's Virtualization Technology (VT) roadmap from existing support for IA-32 (VT-x) and Itanium® processor (VT-i) virtualization to include new support for I/O device virtualization. VT-d addresses two key requirements for using virtual machine (VM) technologies. First, protected access to I/O resources from a VM cannot interfere with the operation of another VM on the same platform. Isolation between VMs is essential for achieving availability, reliability, and trust. Second, the virtual platform must provide the ability to share I/O resources among multiple VMs. It’s not practical or cost-effective to replicate I/O resources such as storage or network controllers for each VM. VT-d I/O-device virtualization addresses these issues.

Software

Intel closely collaborates with developers and universities to help them create personal and business software that runs faster and better on Intel® multi-core platforms. Based on current requirements and trends, Intel believes that processor and platform architecture needs to move toward a virtualized, reconfigurable chip-level multiprocessing (CMP) architecture with a large number of cores, a rich set of built-in processing capabilities, large on-chip memory subsystem and sophisticated microkernel.

Support and Training

Intel® Software Network Forums offer a place for public questions and answers on Intel Software Development Products, Intel® platforms and technologies, and other topics. Intel engineers participate and provide answers in the forums. Another option is to contact the Intel® Software Network support team. Virtualization solution software on an Intel platform vendors include Microsoft*, VMware * and XenSource* and all maintain community Web sites with discussion boards and other information.

Intel provides several sources of training. These include:

The Intel® Learning Network provides Web-based training and online seminars on many technologies.

Intel® On- Demand Webcasts allows access to on-demand presentations of recent Intel Webcasts.

The Intel® Software College provides training that is targeted specifically at the software development audience with flexible course offerings – instructor led, online or custom training.

Research and Development

Intel and VMware working with leading software vendors are delivering a bank of proven virtualization software solution stacks for deployment on VMware Infrastructure 3* and Intel Xeon processor-based server platforms using Intel® Core™ microarchitecture.

Conclusion

Virtualization is not just a major factor in IT planning and deployment it can also benefit application development. ISVs can use VM in improving software engineers' efficiency by reducing unproductive time and gain safer environments and flexible ways to reach new customers.

Customers will be looking for software that can take advantage of VM, not software that is hampered by it. By using the techniques described and utilize the hardware based advantages of Intel® Virtual Technology, ISVs will have a considerable advantage in an increasingly virtual IT environment.

Resources

Intel® Software Network Virtualization Community

Intel® Virtual Technology Intel® Virtualization Technology (Intel® VT) is a set of hardware enhancements to Intel® server and client platforms that can improve traditional software-based virtualization solutions.

Microsoft Virtual PC 2007 Whether Microsoft virtualization technology is an important component of your existing infrastructure or you're just a Virtual PC enthusiast, you can now download Virtual PC 2007 absolutely free.

Software Developer FAQ: Intel® Virtualization Technology - Frequently asked questions about the Intel® Virtualization Technology. Includes forums for developers to discuss and learn about these processors.

VirtualBox from InnoTek is family of x86 virtualization products that run on Windows and Linux 32-bit hosts and fully supports Intel's hardware virtualization VT-x. VirtualBox supports a large number of guest operating systems including Windows (NT 4.0, 2000, XP, Server 2003, Vista), DOS/Windows 3.x, Linux (2.4 and 2.6), and OpenBSD and was released under the GNU General Public License (GPL) in January 2007. It features running virtual machines remotely over the Remote Desktop Protocol (RDP), iSCSI support and USB support with remote devices over RDP.

vmdev.net is the home of advanced virtualization development projects working directly with VMware's world class R&D organization.

VMTN - The VMware Technology Network Web site is an online development resource center that features a collection of pre-built VMs from some brand name vendors, including Oracle, BEA, Red Hat, Novell and MySQL. The VMTN will also publish a range of technica l content, including articles, how-tos, white papers and documentation for VMware's products.

VMware Virtualization Development Center is VMware's portal to advanced virtualization development through the Community Source Program. Membership is open to all hardware and software vendors interested in developing products that feature integration with VMware's virtualization software. Members can access to source code, documentation, and other resources.

VMWare is the global leader in virtual infrastructure software for industry-standard systems. The world's largest companies use VMware solutions (Virtual Lab Automation, VMware ESX) to simplify their IT, fully leverage their existing computing investments and respond faster to changing business demands.

Citrix XenServer is an open source virtual machine monitor (VMM) developed at the University of Cambridge to support operating systems (OSs) that have been modified to run on top of the monitor. Intel has extended the Xen VMM to use Intel Virtualization Technology to support unmodified guest OSs also. This was done for IA-32 Intel Architecture processors as well as Itanium® architecture processors.