what is virtualization?[翻译手稿]

原创文章,转载请注明出处.转载自: Li Haifeng's Blog
本文链接地址: what is virtualization?[翻译手稿]

版权归:www.virtuallogix.com

VirtualLogix VLX real-time virtualization technology

clip_image002

VirtualLogix real-time virtualization technology enables multiple Operating Systems, named guest OS’s, to run simultaneously on the same single-core or multi-core processor. The guest OS’s are independent from each other, but can cooperate via efficient communication mechanisms.

VirtualLogix 实时虚拟化技术能够使多个guset操作系统同时运行在单核或者多核处理器上。Guest操作系统之间相互独立,但能够通过有效的沟通机制进行合作。

IBM has pioneered virtualization in the server virtualization space in the 1960’s. The architecture and design choices required by the embedded and real-time focus of VirtualLogix VLX virtualization technology have led to a different approach.

IBM公司自上世纪60年代起,就引领了服务器虚拟化领域的潮流。集中于嵌入式和实时系统的VirtualLogix VLX虚拟化技术所带来的体系结构和设计则引领了另一个虚拟化的潮流。

A thin abstraction layer, named VLX Virtualizer, manages key system resources to isolate the guest OS’s from the underlying hardware. More precisely, VirtualLogix VLX virtualization technology relies primarily on partitioning of resources between the guest OS’s and on virtualization of resources which cannot be partitioned.

通过一个薄抽象层,即VLX Virtualizer, Guset 操作系统和底层的硬件被隔开。更准确一点的话,VirtualLogix VLX虚拟化技术主要是依赖于在Guest操作系统之间做资源的分割,同时对不能分割的资源进行虚拟化。

Typically, physical memory is partitioned between the guest OS’s while the CPU, FPU, MMU or some other system parts such as the real-time clock and interrupt controller are virtualized by VirtualLogix VLX.

更准确的讲,物理内存被分割,但CPU,FPU,MMU和其他系统部分,比如实时时钟和中断控制器,被虚拟化。

This approach enables the VirtualLogix VLX virtualization technology to be applied to embedded and real-time systems.

VirtualLogix VLX正是运用这种方法将虚拟化技术运用于嵌入式和实时系统中的。

Partitioning—分区

Partitioned resources such as memory, which will only be used by a single given guest OS, are exclusively owned by that guest OS. Thus, each OS may use its own native mechanisms and policies, such as memory management, without interfering with other guest OS’s.

内存被作为可以分区的资源,分区后,各自隶属于各个的Guset操作系统,并被各个操作系统独立拥有。这样,每一个操作系统就可以对辖区内的内存进行内存管理,而不会受到其他Guest 操作系统的干预。

With VirtualLogix VLX, I/O devices which will be used by a single guest OS are assigned to that guest OS, thus native device drivers can be re-used without any modification.

利用VirtualLogix VLX技术,I/O设备可以指定给某个guest操作系统使用,这样本地的设备驱动程序不需要任何改动就可以被重新利用了。

Virtualization–虚拟化

Resources that are common to more than one guest OS such as the CPU and real-time clock are virtualized so that they can be shared between those various guest OS’s which need to access such a resource.

对于不只一个guest操作系统公有的资源,比如CPU和实时时钟,是被虚拟化的,这样在多个Guest操作系统中共享了。

In order to ensure efficiency, VirtualLogix employs paravirtualization techniques, meaning that some adaptation of the guest OS kernel has been done by VirtualLogix. These changes are comparable in both effort and scope to porting that OS to a hardware very similar to the underlying one. Therefore, adding support for new OS’s is straightforward.

为了确保效率,VirtualLogix使用了超虚拟化技术。

VirtualLogix VLX always virtualizes the CPU, FPU and MMU (if any) resources. The CPU is shared by means of a scheduler which assigns the processor to the selected guest OS based on one of VirtualLogix VLX’s scheduling policies which guarantee that a real-time guest OS will get a higher priority.

VirtualLogix VLX 一定会虚拟CPU/FPU/MMU的。CPU共享是通过调度器,这个调度器由VirtualLogix VLX确定的调度策略来决定,它可以确保实时操作系统有更高的优先级。

When a guest OS has been granted CPU access, it still uses its own native scheduling policies for its applications.

当一个Guest操作系统抓住CPU后,就按照自己的调度策略来调度它上面的应用程序。

If present, the MMU is virtualized so that each guest OS may use it for its own purposes. With VirtualLogix VLX, usage of the MMU by one guest OS is independent from the usage of the MMU by another guest OS.

如果MMU存在的话是需要被虚拟化的,这样每一个Guest操作系统就可以使用它了。VirtualLogix VLX 的策略是,各个Guest操作系统对MMU的使用是相互独立的。

Device virtualization–设备虚拟化

Running different OS’s simultaneously on the same processor is just one small part of the problem. Running OS’s which neither communicate nor share devices or resources would be of little value. clip_image003

能够使多个操作系统同时在CPU上运行并不是什么大事情。但如果各个操作系统之间既不能够互相联系又不能共享设备和资源就是跟纠结的事情了。

An OS which supports multiple processes, provides them with memory allocation and scheduling policies, and offers them services such as synchronization, shared access to file systems and network interfaces and inter-process communication.

对于支持多个处理器特征的的操作系统而言,需要提供,内存分配,调度策略,同步服务,共享文件系统和网络接口,处理器通信

Similarly, VirtualLogix VLX virtualization technology provides each guest OS with synchronization (cross-interrupt mechanism), shared access to devices such as disk controllers, network interfaces, serial lines and inter-OS communication mechanisms through virtual devices (virtual Ethernet or virtual UART).

同样,VirtualLogix VLX 虚拟化技术需要同步每一
个Guest操作系统,共享设备,例如磁盘控制器,网络接口,串行线路,还需要通过虚拟设备(虚拟以太网或者虚拟的UART)提供多操作系统通信的机制。

Shared I/O devices–共享I/O设备

Devices such as an Ethernet controller or a serial line may need to be accessed by more than a single guest OS. For such standard I/O devices, VirtualLogix VLX includes "back-end" device drivers which manages the physical hardware devices, virtualizes the corresponding device, and exports a virtual view of that device to other guest OS. This approach provides these guest OS’s with access to features of each device without actual access to the device.

对于以太网控制器或者串行线路这样的东西可能需要被多个Guest操作系统访问。对于这些设备,VirtualLogix VLX 利用了”BACK-END”设备驱动去管理物理设备,虚拟化之,然后对其他的的客户机操作系统漏出一个用户级的接口,这种方法,让Guest操作系统访问的是虚拟的设备,而不是真是的访问。

Commet:就像是spoolling技术吧?

Virtual I/O devices–虚拟化I/O设备

Communications between the different guest OS’s are provided by virtual communication devices. Different types of such devices can be configured depending upon the needs of the communicating applications. For example, a system might use a virtual Ethernet to implement a local private network that is located wholly internally to the machine, and/or it might use virtual UART device to pass AT modem commands from one guest OS to the other.

不同的Guest操作系统通过虚拟的通信设备进行通信。并根据不同的通信类型,虚拟通信设备的配置也是不一样的。例如,利用虚拟的以太网实现本地的网络服务,利用虚拟的UART设备从一个操作系统传递AT modem命令到另一个操作系统。

Modularity, performance, footprint–模块,性能,footprint

There is no universal unique solution which may adequately solve every product’s problems. VirtualLogix VLX virtualization technology uses a modular architecture which enables developers to configure a custom product specific virtualization solution that meets the required product-specific trade-offs between footprint, performance, isolation and security.

没有一个万全之策解决每一个产品的问题。VirtualLogix VLX 虚拟化技术利用模块化的体系结构让开发者可以去配置一个自定义的虚拟化解决方案,这种方案就可以解决具体产品的,”footprint” 、性能、独立性和安全问题。

VLX Virtualizer provides the foundation services for partitioning and virtualization. It can be optionally complemented with hypervisor modules to provide additional services.

VLX虚拟化技术所提供的主要服务是分区理念和虚拟化。这些服务有hypervisor来实现。

VirtualLogix VLX default configuration gives each guest OS its own physical memory, providing effective memory isolation between each of the guest OS’s. This provides enough isolation to catch most memory access errors.

VirtualLogix VLX 缺省情况下的配置是给每一个Guest操作系统分配一定的物理内存,并让这些内存有效的隔离。如果越界,就会发生访存错误。

Modularity, isolation and security–模块,独立,安全

Stronger inter-guest OS isolation may be required to resist malware that may potentially be injected in one guest OS. To this end, VirtualLogix VLX may be configured with optional hypervisor modules to provide an unbreakable and complete isolation between guest OS’s.

更加严格的Guest操作系统独立,是为了防止恶意软件可能伤害其他的guest操作系统。为此,VirtualLogix VLX 通过配置可选项,可以提供一个牢不可破的,并且使各个操作系统完全的独立。

Isolation in itself is not security but only a prerequisite to the creation of a secure system. VirtualLogix VLX virtualization technology enables the full isolation of untrusted guest OS in a sandboxed partition. The VirtualLogix secure guest OS environment can be configured to let trusted agents manage the core security services of the platform. Such trusted agents may be configured and used as required by the overall system, either to run DRM policies, to store keys or to perform the management of multi-level security platforms.

独立并不是安全的充分条件,而是一个安全操作系统所的必要条件。VirtualLogix VLX虚拟化技术可以让信任能力不够的操作系统放到沙漏区VirtualLogix 系统为了确保平台的安全可以配置一下,让一个可信任的代理去管理平台的内核安全服务。例如,信任的代理可以被高一级系统配置和利用,可以运行DRM策略,或者可以管理多安全级别的平台。

The modular architecture of VirtualLogix VLX allows developers to make explicit trade-offs between the required level of isolation and the desired level of performances.

VirtualLogix VLX的这种模块化的结构允许开发者显示的配备相应等级的独立要求和相应等级性能。

footprint ,不知道该怎么翻译,知道的童鞋,请留言告诉我,3q~

From Li Haifeng's Blog, post what is virtualization?[翻译手稿]

Post Footer automatically generated by wp-posturl plugin for wordpress.

分享到: