Virtualization, the practice of running software on emulated hardware, has emerged rapidly as an important concept in the last few years. The main benefits of virtualization are that hardware resource utilization can be maximized and that resource management is made simpler. However, as virtualization is yet another abstraction layer between the application and the actual hardware, it may also introduce extra overhead.
This chapter deals with the product JRockit Virtual Edition; a new piece of technology that is part of the JRockit product family. Throughout this chapter, the terms JRockit Virtual Edition and the short form JRockit VE are used interchangeably.
JRockit VE enables the user to run Java in a virtualized environment without an operating system, removing large amounts of the overhead typically associated with virtualization. JRockit VE is a separate product that contains the minimum components necessary to run a Java application in a virtualized environment—a small lightweight OS-like kernel and a JRockit JRE.
JRockit VE can run any Java application, but initially, the most likely way in which users will encounter JRockit VE is as part of the WebLogic Server on JRockit Virtual Edition product (WLS on JRockit VE). WLS on JRockit VE is basically a prepackaged instance of a WebLogic Server installation, in virtual machine image form. A virtual machine image is a binary image that contains a virtual machine configuration, software, and a file system. The image is intended for deployment on a specific virtualization platform, such as Oracle VM Server.
This chapter, being a technical introduction to JRockit VE, concentrates on the virtualization layer and the technology behind the JRockit VE product. It will not discuss specific software stacks built on top of JRockit VE.
Note
As this is a chapter about recently productized or emerging technology, details, names, concepts, and implementations can be counted on to change more rapidly than technology covered in other chapters of this book. The chapter may also contain forward-looking statements that will not be implemented. The fundamental concepts, however, remain the same. Online documentation should always be consulted for the freshest information on any product.
From this chapter you will learn:
- About virtualization as a concept and some common terms used for different kinds of virtualization.
- What a hypervisor is, the different types of hypervisors, and the most important hypervisors in the market today.
- The advantages and disadvantages of virtualizing a software stack and how to get the most out of the advantages.
- About specific issues with virtualizing Java and how the JRockit Virtual Edition product simplifies the virtualization process and enhances performance.
- About the concept of virtual machine images.
- What the future has in store—can virtualization overhead be reduced further or even removed, making virtualization an even more powerful tool? Can a virtualized application even run faster than on physical hardware, given the right environment?
Virtualization is a word that has been used in many contexts over the years. However, it always concerns abstracting a physical resource as a virtual one. It is not a new concept. Virtual memory on a per-process basis is the main schoolbook example, present in all operating systems. Partitions on a single hard drive that each look like separate physical drives to an operating system are also technically virtualization. But the buzz the last few years has been about virtualizing everything in a physical machine. This is not a new concept either, it goes back at least as far as to IBM in the 1960s. Not until recently, however, has virtualization proven itself as a way to increase resource utilization and manageability in the server room.
Virtualization, for the purposes of this book, is the practice of running a platform (such as an operating system) or an individual application on virtual hardware, emulated in software. The virtual hardware typically looks like actual physical hardware to the running platform or application. An entity deployed on a virtual system is often referred to as a guest. The piece of software that enables multiple guests, for example operating systems, to run on a single system is called a hypervisor. A hypervisor can help the guest by, for example, supplying device drivers that are tailored to run in a virtualized environment and thus improve performance for the guest.
Note
What actually hides behind the physical hardware camouflage varies, depending on the type of resource being virtualized. For example, what looks like a physical hard drive is typically a file, or collection of files on a server somewhere. What looks like four available physical CPUs is actually an amount of timeshare on an unknown number of existing CPUs. What looks like 1 GB of memory is actually the claim to part of a larger amount of physical memory. Some hypervisors even allow the guests to overcommit memory within their limited allocation space. But to the guest this does not matter, it only sees what it believes to be physical hardware (with some exceptions).
Virtualization is becoming increasingly important, mainly because it makes it possible to use existing physical machines more efficiently. If the CPU on a physical machine is idle, for example while waiting for I/O, those CPU cycles that could have been used for execution are wasted in the idle time. Multiplexing several guests on the same hardware makes it possible for those idle CPU cycles to be used for other guests until the I/O request returns. Naturally, when several guests (for example operating systems) run at the same time, another performance penalty may result from additional context switching. However, it is an undeniable fact that virtualization makes more efficient use of the available hardware. This is attractive also from the power consumption angle, in a world that is becoming increasingly environmentally conscious.
Virtualization falls into several categories, mostly having to do with the layer of exposure to the underlying platform. While there is some confusion in terminology here, let us start by introducing some common concepts and explain how they will be used in this book. Virtualization is a complex area—the following is a simplified version of the world.
Full virtualization means that all sensitive functionality of an underlying platform is emulated by the hypervisor—for example device interaction and memory mapping. This makes it possible to deploy any unmodified software as a guest, the guest believing that it is actually executing on physical hardware.
This is implemented on a platform that lacks explicit hardware support for virtualization, by letting the hypervisor trap sensitive (privileged) instructions executed by the guest and emulate them in a sandboxed environment.
Full virtualization can also be hardware-assisted, for example the Intel VT or AMD-V technologies have CPU-specific support for running several operating systems at once. Hardware-supported virtualization dramatically reduces the emulation overhead in a hypervisor. Lately, other pieces of hardware than the CPU have also been equipped with virtualization support. One example would be network cards with built-in hardware support for virtualization.
Large performance benefits to virtualization have been achieved with hardware support. This seems to indicate that full virtualization is rapidly becoming the main virtualization paradigm in the market.
Paravirtualization is used to refer to a virtualized environment where the guest needs to know about the underlying hypervisor. Typically, in a paravirtualized environment, privileged actions need to be explicitly requested by the guest through calls to a public hypervisor API. This means that the guest has to communicate with a lower abstraction layer and consequently needs to know that it is virtualized.
Paravirtualization removes some of the flexibility of virtualization, as the guest (for example an operating system) needs to be modified before virtual deployment. An advantage might be that unnecessary layers of abstraction can be scaled away, enabling additional performance improvements at the price of less flexibility. Also, the end user rarely has to worry about the implementation of the underlying hypervisor. For example, on Xen, which originally was a paravirtualization-only hypervisor, the main use case is to run pre-packaged operating systems that have already been modified for paravirtualization. The user typically deploys his application on top of these.
With the emergence of high-performance hardware support for full virtualization, it is the authors' opinion that paravirtualization is becoming less important.
There are several other keywords in the virtualization area that have many different meanings, for example partial virtualization. Partial virtualization and paravirtualization are sometimes used interchangeably, but partial virtualization may also mean virtualizing only specific parts of the underlying hardware. For example, the term has been used to describe binary translation tools such as Rosetta on the Macintosh, enabling software compiled for PowerPC to run on Intel hardware. Partial virtualization may or may not require hardware support. Concepts like virtual memory in an operating system can also fall under the category partial virtualization.
Operating system level virtualization is another term that pops up from time to time. This typically describes some kind of isolation mechanism built into an OS for dividing the OS into separate instances, protected from one another, making them look like they are running on different physical machines. Solaris Containers is probably the most well-known example.
Recall that the hypervisor is the software layer that makes virtualization possible (optionally with the aid of explicit hardware support). The hypervisor provides an idealized view of a physical machine. All "dangerous operations" that would break the abstraction, such as device interaction and memory mapping, are trapped and emulated by the hypervisor.
Just as there are different types of virtualization, there are different types of hypervisors. Again, terminology is rather complicated. For the purposes of this book, we will discriminate only between hosted hypervisors and native hypervisors.
A hosted hypervisor typically runs as a standard process in an ordinary operating system. As mentioned earlier, sensitive (kernel mode) operations performed by the guest are typically emulated or JIT-interpreted by the hypervisor. User mode operations can often execute directly as part of the hosted hypervisor process, but may also be emulated or JIT-interpreted when applicable.
The main advantage with a hosted hypervisor is that it is typically very easy to install and use—just another application in your operating system. Usually, the performance of a hosted hypervisor is not up to server-side requirements, but this is not its main purpose.
Note
Real world example—large parts of this book were developed and written on a Macintosh, where no JRockit version currently exists. For the purpose of producing JRockit examples, the author has used the hosted hypervisor VMware Fusion to run a Linux version of JRockit on his home computer.
VMware Player is an example of a simple hosted hypervisor. Oracle VirtualBox is another.
A native hypervisor requires no host operating system. It can be installed directly on physical hardware out of the box. Hardware device drivers can be provided by the hypervisor, either in a special virtual machine for isolation (for example in Oracle VM- and Xen-based solutions) or as part of the hypervisor itself (for example in VMware ESX).
Typically, a native hypervisor is much more efficient than a hosted hypervisor.
Oracle VM and the VMware ESX product suite are two examples of native hypervisors, who, although their approaches to virtualization are different, both fulfill the criterion that they install directly on physical hardware.
There are several mature hypervisors available in the quickly-changing market.
Xen is an open source hypervisor, originally developed at the University of Cambridge. Xen later turned into the company XenSource Inc., and was acquired by Citrix Corporation in 2007. Citrix release their own commercial server-grade Xen systems with extra APIs, along with several management tools. The Xen hypervisor itself continues to be available for free, under public open source license.
Xen has, because of its free nature, been widely used in several virtualization frameworks, and has been turned into native hypervisors, Oracle VM being one of them. Oracle VM is an Oracle Enterprise Linux-based operating system with Xen at the bottom, and a native hypervisor.
Xen was originally a paravirtualized solution. In other words, it required that the guests know that they are virtualized so that they can interact with the hypervisor. For example, Linux kernels that should run on paravirtualized Xen need to be specially compiled. The trend lately, however, seems to be that Xen is moving away from the paravirtualized metaphor towards an environment with support for unmodified guests. This requires hardware virtualization support.
VMware corporation, one of the first players in the virtualization field, has several virtualization products, both native and hosted hypervisors. Most notable are VMware Workstation (VMware Fusion on Macintosh), VMware ESX and VMware ESXi. These are commercial products. VMware also makes a stripped-down version of VMware Workstation available for free, called VMware Player that does not provide support for creating and configuring your own virtual machines, but allows you to run an existing virtual guest. VMware also has a hosted virtualization platform called VMware Server. It is available for free.
Microsoft corporation has developed the Hyper-V virtualization framework, designed to work with Windows Server that is already a widely adopted technology. Hyper-V requires hardware virtualization support.
KVM (Kernel-based Virtual Machine) is an open source hypervisor project, licensed under the GNU Public License, driven by RedHat.
Parallels Inc. produces desktop and server virtualization software for Macintosh, Windows, and Linux.
Also worth mentioning is VirtualBox, an independent virtualization package containing its own hypervisor. It is targeted at desktop, server, and embedded use. VirtualBox was originally developed by the German company Innotek, who were acquired by Sun Microsystems, who in turn are now part of Oracle Corporation.
The main advantage of virtualization is, as we have mentioned, more efficient resource utilization. Several guests can compete for all resources of one physical machine. When one guest is idle, another guest may run. Virtualization may substantially decrease the idle time in the server room.
Another advantage is that virtualization further enables the "cloud computing" metaphor. As virtualized guests may be suspended, migrated to other physical machines, and resumed, an entire machine park can be abstracted as a cloud of computational power, on which deployments of applications may be made. This is usually facilitated through different management frameworks.
Note
Another, somewhat overlooked, but very important application for virtualization is keeping legacy applications alive. A common nightmare in IT is having to retire old hardware on which legacy applications with no forward compatibility are hosted. This requires porting the applications to new platforms, either requiring complete rewrites or ending up with Frankenstein-type solutions such as COBOL to (unreadable) Java converters. Virtualizing the old hardware instead will make it possible to continue running the legacy application for some time, while figuring out how to replace it in a less stressful manner.
The main problem with virtualization is, of course, the extra overhead introduced by another abstraction layer, the hypervisor, in the stack between application and hardware. While hardware resource usage indeed gets more optimal in a virtualized environment, there are costs associated both with running several guests at once on a piece of physical hardware as well as with the extra overhead incurred by the hypervisor abstraction layer.
Now consider the case of a Java application in a virtual environment. For a standard, non-virtualized local Java application, the JVM provides one layer of abstraction against the hardware. The operating system on which the JVM runs provides another. The hypervisor layer that is responsible for emulating the virtual hardware below the OS adds yet another zone of abstraction between the application and its actual execution as native code.
We can try to make each layer of abstraction as thin and efficient as possible, but we can't make them go away altogether. For example, using hardware support to implement the hypervisor will decrease the virtualization overhead. However, we are still dealing with emulating physical hardware for the virtualized application. This naturally incurs overhead anyway.