An introduction to lguest [LWN.net]

Linux cannot be said to suffer from a shortage of virtualization solutions. What is harder to come by, however, is a paravirtualization system which is amenable to relatively easy understanding. A relatively recent entrant into the field, however, changes that situation significantly. With just 6,000 lines (including the user-space code), Rusty Russell's hypervisor implementation, lguest (pronounced rʌs.ti'vai.zər), provides a full, if spartan paravirtualization mechanism for Linux.

The core of lguest is the lg loadable module. At initialization time, this module allocates a chunk of memory and maps it into the kernel's address space just above the vmalloc area - at the top, in other words. A small hypervisor is loaded into this area; it's a bit of assembly code which mainly concerns itself with switching between the kernel and the virtualized guest. Switching involves playing with the page tables - what looks like virtual memory to the host kernel is physical memory to the guest - and managing register contents.

The hypervisor will be present in the guest systems' virtual address spaces as well. Allowing a guest to modify the hypervisor would be bad news, however, as that would enable the guest to escape its virtual sandbox. Since the guest kernel will run in ring 1, normal i386 page protection won't keep it from messing with the hypervisor code. So, instead, the venerable segmentation mechanism is used to keep that code out of reach.

The lg module also implements the basics for a virtualized I/O subsystem. At the lowest level, there is a "DMA" mechanism which really just copies memory between buffers. A DMA buffer can be bound to a given address; an attempt to perform DMA to that address then copies the memory into the buffer. The DMA areas can be in memory which is shared between guests, in which case the data will be copied from one guest to another and the receiving guest will get an interrupt; this is how inter-guest networking is implemented. If no shared DMA area is found, DMA transfers are, instead, referred to the user-space hypervisor (described below) for execution. Simple disk and console drivers exist as well.

Finally, the lg module implements a controlling interface accessed via /proc/lguest - a feature which might just have to be changed before lguest goes into the mainline. The user-space hypervisor creates a guest by writing an "initialize" command to this file, specifying the memory range to use, where to find the kernel, etc. This interface can also be used to receive and execute DMA operations and send interrupts to the guest system. Interestingly, the way to actually cause the guest to run is to read from the control file; execution will continue until the guest blocks on something requiring user-space attention.

Also on the kernel side is a paravirt_ops implementation for working with the lguest hypervisor; it must be built into any kernel which will be run as a guest. At system initialization time, this code looks for a special signature left by the hypervisor at guest startup; if the signature is present, it means the kernel is running under lguest. In that situation, the lguest-specific paravirt_ops will be installed, enabling the kernel to run properly as a guest.

[lguest address spaces] The last component of the system is the user-mode hypervisor client. Its job is to allocate a range of memory which will become the guest's "physical" memory; the guest's kernel image is then mapped into that memory range. The client code itself has been specially linked to sit high in the virtual address space, leaving room for the guest system below. Once that guest system is in place, the user-mode client performs its read on the control file, causing the guest to boot.

A file on the host system can become a disk image for the guest, with the user-mode client handling the "DMA" requests to move blocks back and forth. Network devices can be set up to perform communication between guests. The lg network driver can also work in a loopback mode, connecting an internal network device to a TAP device configured on the host; in this way, guests can bind to ports and run servers.

With sufficient imagination, how all of this comes together can be seen in the diagram to the right. The lguest client starts the process, running in user space on the host. It allocates the memory indicated by the blue box, which is to become the guest's virtualized physical memory, then maps in the guest kernel. Once the user-mode client reads from /proc/lguest, the page tables and segment descriptors are tweaked to make the blue box seem like the entire system, and control is passed to the guest kernel. The guest can request some services via the kernel-space hypervisor code; for everything else, control is returned to the user-mode client.

That is a fairly complete description of what lguest can do. There is no Xen-style live migration, no UML-style copy-on-write disk devices, no resource usage management beyond what the kernel already provides, etc. As Rusty put it at linux.conf.au, lguest eschews fancy features in favor of cute pictures of puppies. The simplicity of this code is certainly one of its most attractive qualities; it is easy to understand and to play with. It should have a rather easier path into the kernel than some of the other hypervisor implementations out there. Whether it can stay simple once people start trying to do real work with it remains to be seen.

(Log in to post comments)

Target Windows?

Posted Jan 26, 2007 9:57 UTC (Fri) by AnswerGuy (guest, #1256) [Link]

... Unless you're using target in a more militant sense then I don't see how the statement logically follows?

Linux has too many virtualization models. Factions of developers are experimenting and filling different virtualization niches.

VMware is commercial, expensive, proprietary, and well established. Full virtualization via some proprietary (and patented?) software techniques. Adding support for para virtualization. Fairly slick UI and provisioning tools.

Xen is free. But separate (and widely criticized). Supports para virtualized and full virtualization (with the latest CPU models). Nascent tools

KVM is free ... and done by core kernel developer. Thus it's integrated into the mainstream (but perhaps too new to have accumulated much criticism). No tools nor UI t speak of --- KVM is more of an API and some other project(s) will have to form around that to build front end tools and UIs. KVM seems to require the VT-x CPU features in any event.

Virtuozzo and OpenVZ are very lightweight but essentially like a jazzed up "chroot" (or, more to the point, like the FreeBSD jail() system call). It's well established for "consolidated server hosting."

This lguest, as described here seems to be an experiment in minimalism.
Interestingly it using the ancient 386 segmentation and additional "rings"
as the basis for it's own paravirtualization abstraction. I'm guessing
it will be somewhere between Virtuozzo and KVM in the degree of
isolation and virtualization that's achieved.

So all of these other than VMWare sound like perfectly normal exploration of a range of possibilities. I suspect that parts of these will be
merged ... but that there will continue to be at least two or three diverse set of "virtualization" and "jail/chroot isolation" features that will
be used in different ways.

More importantly I hope that provisioning, package management, monitoring and related tools become "VM aware." in a large number of ways. And that they can mostly abstract away the differences between Virtuozzo, Xen and other VM types.

JimD

And not forgetting UML

Posted Jan 26, 2007 11:12 UTC (Fri) by copsewood (subscriber, #199) [Link]

Which is User-Mode Linux. On which I've run an incredibly reliable and low cost server doing a great number of things reliably for a couple of years. UML has been criticised for performance compared to Xen - but most servers only use a small fraction of CPU anyway. Don't notice the problem myself. Virtualisation has so much potential it's not surprising there is much work going on different approaches to it. On Linux it is also a young enough field we are all better served by finding out which solutions work best in which situations.

Target Windows?

Posted Jul 30, 2007 5:12 UTC (Mon) by micah (subscriber, #20908) [Link]

Why do Linux-Vservers always get left out of the list of virtualization technologies? Even moreso, why does Virtuozzo and OpenVZ get mentioned but not Linux-Vserver?

An introduction to lguest

Posted Jan 31, 2007 8:24 UTC (Wed) by vmlinuz (guest, #24) [Link]

You miss the point of the lrustyguestvisor. The answer to your question is that the performance doesn't matter because of the puppies. Look at all the cute puppies! Ahem... He's quite a persuasive speaker, is our Rusty...

A slightly more serious answer is that performance isn't the number one goal - it's not bad, but it's not going to be heavily tuned for performance if it makes things more complicated. At this point, it's simple enough that I believe it doesn't do SMP yet, although support for an SMP host kernel has apparently just been added.

lguest performance

Posted Feb 2, 2007 12:13 UTC (Fri) by rusty (✭ supporter ✭, #26) [Link]

> So what's performance like?

Poor. Last I did a guest kernel compile, it was twice as slow as running in the host (mind you, the guest only had 512M of ram, the host had 3G, so some can be explained away).

That said, there are plenty of low hanging fruit left, and progress is being made quickly. Balancing small code vs. performance is going to be the trick, but I'd hope to get within 25% of native on all reasonable benchmarks. Of course, for some things it's there already, but context-switch-heavy loads really show the weakness of the shadow page table implementation, for example.

I often put virtbench results into checkin comments, which you can see here:
http://ozlabs.org/~rusty/paravirt/

Cheers!
Rusty.