1 | 2012 Oracle Corporation Proprietary and Confidential

Safe Harbor Statement

The following is intended to outline our general product
direction. It is intended for information purposes only, and
may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality,
and should not be relied upon in making purchasing
decisions.
The development, release, and timing of any features or
functionality described for Oracles products remains at the
sole discretion of Oracle.

2 | 2012 Oracle Corporation Proprietary and Confidential

 Oracle Training Materials Usage Agreement
Use of this Site (Site) or Materials constitutes agreement with the following terms and conditions:

1. Oracle Corporation (Oracle) is pleased to allow its business partner (Partner) to download and copy the information,
documents, and the online training courses (collectively, Materials") found on this Site. The use of the Materials is restricted to
the non-commercial, internal training of the Partners employees only. The Materials may not be used for training, promotion, or
sales to customers or other partners or third parties.

2. All the Materials are trademarks of Oracle and are proprietary information of Oracle. Partner or other third party at no time has
any right to resell, redistribute or create derivative works from the Materials.

3. Oracle disclaims any warranties or representations as to the accuracy or completeness of any Materials. Materials are provided
"as is" without warranty of any kind, either express or implied, including without limitation warranties of merchantability, fitness
for a particular purpose, and non-infringement.

4. Under no circumstances shall Oracle or the Oracle Authorized Boot Camp Training Partner be liable for any loss, damage,
liability or expense incurred or suffered which is claimed to have resulted from use of this Site of Materials. As a condition of use
of the Materials, Partner agrees to indemnify Oracle from and against any and all actions, claims, losses, damages, liabilities
and expenses (including reasonable attorneys' fees) arising out of Partners use of the Materials.

5. Reference materials including but not limited to those identified in the Boot Camp manifest can not be redistributed in any format
without Oracle written consent.

3 | 2012 Oracle Corporation Proprietary and Confidential

 Oracle VM 3 Guest VM Concept
Instructors Name

4 | 2012 Oracle Corporation Proprietary and Confidential

 Guest VM Concept
Physical Machine
Oracle Oracle Microsoft Oracle BI Oracle Microsoft Computing Components
WebLogic Database Active EBS Exchange
Directory Server CPU
Memory
I/O Components
Network
Storage
Platform Components
Chipset, PCI Duplex, BIOS
Interrupt and Timer
Display / Console
Boot Process
Virtual Machine
Similar components as physical machine
Virtual means
Has no privilege to control physical resources
Provisioned by Virtualization Server at runtime
Guest VM
Run OS + Apps on Virtual Machine

5 | 2012 Oracle Corporation Proprietary and Confidential

 CPU Virtualization in Oracle VM
x86 ring protection model
x86 ring protection model
ring 3 Defined in Processor
ring 2 Designed for security reason
ring 1 Any crash in a ring will only harm rings above
ring 0 Runs privileged instructions in ring 0
Runs less privileged instructions in ring 1-3
Need cost to access lower rings function
Context-Switch
x86 Processor
OS Mapping
ring 0
OS Kernel
kernel Less code, Few functions, Very Stable

ring 3
application Applications
Leave ring 1,2 unused to increase performance
x86 architecture is not designed to be virtualized OS defines special mechanism to access lower ring
System-Call

6 | 2012 Oracle Corporation Proprietary and Confidential

 CPU Virtualization in Oracle VM
x86 virtualization approaches Full Virtualization
Run OS & Application unmodified
ring 3 Ring Mapping
ring 2 Hypervisor in ring0
ring 1 Guest OS Kernel + Application in ring 3
ring 0 Translate ring 0 instructions with software
Can use legacy x86 processor
Para-Virtualization
x86 Processor Run modified Guest OS Kernel
Virtualization Extension Leverage hypervisor functions directly
Ring Mapping
Hypervisor in ring0
hypervisor
Guest OS Kernel in ring 1
kernel
Applications in ring 3

kernel & apps

application
Hardware-Assisted Virtualization
Full Virtualization with CPU hardware assistance
Virtualization Extension
Oracle VM Supports PV & HVM Intel (vmx), AMD (smv)
Translate privileged instructions in circuit

7 | 2012 Oracle Corporation Proprietary and Confidential

 CPU Virtualization in Oracle VM
Virtual Processor
Defined in guest VM
Processor : Currently scheduled processors
Max Processor : Max scheduled processors
Virtual Processor Provisioning
Scheduled by Hypervisor
With similar specs as physical CPU
Frequency
Capabilities
Except Virtualization Support
Maximum 128 vCPU per guest VM
Support CPU over-commitment : Accumulated number of vCPUs can exceed
the number of physical CPU Cores/Thread

8 | 2012 Oracle Corporation Proprietary and Confidential

 CPU Virtualization in Oracle VM
Virtual Processor Scheduling
Time-sharing scheduling model
Physical CPU resources as a pool
Scheduler to share CPU time among Virtual Processors
Scheduler used in Oracle VM
Designed for modern multi-socket, multi-core x86 system
Load balancing among physical CPUs
Proportional fair share algorithm
Parameters in guest VM
Priority (10-100) : Higher priority can get more CPU time slots
Processor Cap (10-100) : Processor Cap will limit the percentage of total CPU consumption by a
guest VM
Parameters will be calculated and sent to hypervisor combined to determine percentage of CPU
time that a VM can consume

9 | 2012 Oracle Corporation Proprietary and Confidential

 CPU Virtualization in Oracle VM
CPU Affinity
By default
Hypervisor can schedule virtual processors on any physical CPU core
CPU Pinning force a VM to use only specified physical CPU Cores
Defined in guest VM metadata
Deemed as a valid Hard Partition option for Oracle Software
http://www.oracle.com/technetwork/topics/virtualization/ovm-hardpart-167739.pdf
Can help to reduce software license costs
How it works
Scheduler only attaches Virtual Processors to specified physical CPU Cores
More than one guest VMs can pin on same physical CPU Cores
Unpinned Virtual Processors can still use all physical CPU Cores

10 | 2012 Oracle Corporation Proprietary and Confidential

 Memory Virtualization in Oracle VM
x86 Memory Virtualization
x86 memory management
Hybrid (CPU cache, RAM, disk-based) memory system with continuous address space
Divide memory space into separated pages
CPU can only access physical memory, need page address translation
MMU has dedicated hardware - Translation Look-aside Buffer (TLB)

x86 memory virtualization approaches

Software Emulated
Simulate MMU functions in software: Shadow Page Table
Have to be done for each guest VM
Para-Virtualization
Call hypervisor functions to allocate memory properly
Hardware-Assisted
Modern Processor support MMU Virtualization - Tagged TLB
Intel : EPT, AMD: RVI

11 | 2012 Oracle Corporation Proprietary and Confidential

 Memory Virtualization in Oracle VM
Memory Provisioning in Oracle VM
Parameters defined in guest VM
Memory : Initial memory allocated for guest VM
Max Memory : Max memory can be allocated for guest VM
Virtual Memory provisioning Oracle VM
By hypervisor
Only physical memory can be provisioned to guest VMs
Does not support memory over-commitment
Memory Affinity
Modern x86 processor use NUMA Architecture
MMU in processor
Memory access is faster to local memory than through other processors
Hypervisor always tries to allocate memory close to physical processor used by guest VM

12 | 2012 Oracle Corporation Proprietary and Confidential

 I/O Virtualization in Oracle VM
I/O Virtualization Architecture
I/O Virtualization services are
dom0 domU domU
implemented in Dom0, include:
QEMU-DM Native Native PV Block PV Network Network
Block Network Frontend Frontend
Driver Driver Driver Driver Storage
Each virtualized device should
have a corresponding back-end
driver
PV Network PV Block
HVM Guest VM PV Guest VM
Backend Drivers Backend Drivers PV Network Backend Driver
Hypercall API PV Block Backend Driver
Native Device Drivers
Xen.org-based Hypervisor
I/O Services in Dom0
Emulated I/O Services
x86 bare-metal server
Para-Virtualized I/O Services

13 | 2012 Oracle Corporation Proprietary and Confidential

 I/O Virtualization in Oracle VM
Emulated I/O Services
QEMU-DM daemon in Dom0
dom0 domU
Derived from QEMU OSS project with optimization for
Oracle VM
QEMU-DM Native Native
Block Network Use device model only
Driver Driver
One instance per HVM Guest
Emulate real physical I/O devices for HVM Guests
Storage
PV Network PV Block
HVM Guest VM PIIX3 IDE Disk, LSI SCSI Disk
Backend Drivers Backend Drivers
Hypercall API Network NIC
Native Device Drivers Intel, RealTek GbE Adapter
Hypervisor
Benefits
x86 bare-metal server Guest OS is unmodified and uses native device drivers
Limitation
Poor Performance and Scalability
Support only limited devices

14 | 2012 Oracle Corporation Proprietary and Confidential

 I/O Virtualization in Oracle VM
Para-Virtualized I/O Services
I/O abstraction implemented in Xen technology
dom0 domU Replace hardware-specific drivers
No need to implement hardware complexity
QEMU-DM PV Block PV Network Frontend / Backend Driver Model
Frontend Frontend
Driver Driver Frontend driver running in guest OS
Backend driver running in Dom0
Must be in pair to setup the communication channel
Can work for both HVM and PV guest VMs

PV Network PV Block
PV Guest VM Benefits
Backend Drivers Backend Drivers Simple & Very Stable
Hypercall API
Native Device Drivers Rarely changed
Hypervisor
Much better Performance & Scalability than emulated
Off-load CPU virtualization burden in PVHVM guest
x86 bare-metal server
Guest OS Support
Built-in support in Linux and Solaris
MS Windows
PV Drivers available from Oracle

15 | 2012 Oracle Corporation Proprietary and Confidential

 I/O Virtualization in Oracle VM
Virtual Network Services
Virtual NIC in Dom0
dom0 domU domU
Each virtual NIC in guest VM has a
QEMU-DM Native PV Network PV Network corresponding vif in dom0
Network Frontend Frontend
Driver Driver Driver Can leverage host OS firewall & QoS
settings
Mix PV & Emulated virtual NICs in
HVM Guest VM PV Guest VM PVHVM
PV Network Backend Driver
Hypercall API PV Virtual NICs
Native Network Driver
Xen.org-based Hypervisor Use netfront as device type
Default for PVHVM Guest
x86 bare-metal server Need not explicit defined
Emulate Virtual NICs
Use ioemu as device type

16 | 2012 Oracle Corporation Proprietary and Confidential

 I/O Virtualization in Oracle VM
Two kinds of block backend drivers
Virtual Disk Services File-backed
Use disk image files as backend
dom0 domU domU Use file protocol in VM definition
Has more overhead to access storage
Native PV Block PV Block PV Block Best for OS & Application disk image files in
QEMU-DM
Block Frontend Frontend Frontend OVM Repository
Driver Driver Driver Driver Block-backed
Use physical block device as backend
Use phy protocol in VM definition
Use PV Driver to achieve best disk I/O
performance
File-backed PV Block-backed PV
HVM Guest VM PV Guest VM Best for application data
Block Backend Block Backend
Hypercall API Mix PV & Emulated virtual disks in PVHVM
Native FS Stack Native SCSI Stack
Xen.org-based Hypervisor PV Virtual Disks
Use xvd as prefix for virtual disk name
Emulate Virtual Disks
x86 bare-metal server Use hd or sd as prefix for virtual disk name
Shared Virtual Disk
Virtual Disk can be shared among multiple
guest VMs
Exposed as a physical LUN to guest VMs

17 | 2012 Oracle Corporation Proprietary and Confidential

 Platform Virtualization in Oracle VM
Platform Virtualization Architecture
OVM Admin Platform Virtualization
Manager Desktop
emulates required system
components, includes:
dom0 domU domU
Motherboard & PCI Bus
Interrupt & Timer
OVM Console Service Console
QEMU-DM
MB & PCI Bus
Video
Virtual PCI &
Video Timer
BIOS and boot process
Interrupt & Timer BIOS USB
Platform Services
QEMU-DM daemon
HV Guest VM PV Guest VM
PCI Backend USB Backend Virtual BIOS Service
Drivers Drivers Native
Timer Hypercall API Virtual Console Service
Native Device Drivers
Xen.org-based Hypervisor

x86 bare-metal server

18 | 2012 Oracle Corporation Proprietary and Confidential

 Platform Virtualization in Oracle VM
HVM Guest
QEMU-DM in Dom0
dom0 domU Emulate system components:
Motherboard & PCI Bus
Interrupt & Timer
OVM Console Service
VGA Adapter
MB & PCI Bus Virtual
QEMU-DM Video
Interrupt & Timer BIOS Emulation in software
Performance is not good

HV Guest VM Virtual BIOS or Firmware

PCI Backend USB Backend
Drivers Drivers Native A software service loaded automatically into
Timer Hypercall API
each HVM guest when started
Native Device Drivers
Hypervisor
Implement components required for booting a
HVM Guest
x86 bare-metal server CD-ROM
PXE
Boot Process
Use legacy x86 boot process

19 | 2012 Oracle Corporation Proprietary and Confidential

 Platform Virtualization in Oracle VM
PV Guest
No Motherboard and PCI bus in PV Guest
dom0 domU
Can only use PV Services in Dom0
But PCI & USB pass-through is not supported in
OVM Console Service
Oracle VM
Technically viable, binary already in release binary
PCI &
QEMU-DM Video Timer
USB But no official support from Oracle
No Virtual BIOS for PV Guest
PV Guest VM No CD-ROM Support
PCI Backend USB Backend
Drivers Drivers Native Boot Process is special
Timer Hypercall API
Native Device Drivers Load PV kernel image directly by boot loader
Hypervisor
Kernel image can be found in local virtual disk or
remotely accessible by FTP or HTTP protocol
x86 bare-metal server No CD-ROM boot option
Use Native Timer in Dom0
Better performance

20 | 2012 Oracle Corporation Proprietary and Confidential

 I/O Virtualization in Oracle VM
Virtual Console Service
Display Driver in guest VM
OVM Admin PV : Frame Buffer in PV Kernel
Manager Desktop
HVM : Native VGA Driver
OVM Console Service in Dom0
dom0 domU domU
Provide virtual console service for
each running guest VM
Can enforce password protection
OVM Console Service defined in VM metadata
MB & PCI Bus Virtual PCI & Use consecutive ports
QEMU-DM Video Video Timer
Interrupt & Timer BIOS USB
By default 6900 and above
Console proxy in OVM Manager
HV Guest VM PV Guest VM Proxy to console service in Dom0
PCI Backend USB Backend
Drivers Drivers Native Convert to browser-accessible app
Timer Hypercall API Need 3rd-party software packages
Native Device Drivers on OVM Manager host
Xen.org-based Hypervisor
Console app in admin desktop
x86 bare-metal server Java-based application
Require Java Runtime for Browser

21 | 2012 Oracle Corporation Proprietary and Confidential

 Choose among guest VM types
Key Performance Contributor
Overhead in x86 virtualization
x86 architecture is not good designed for virtualization
Ring protection mode limits parallel running guest VMs
Context Switch waste CPU cycle
Overall Improvement with latest hardware technology
CPU Virtualization Extension
MMU Virtualization
PCI/SIG I/O Virtualization
Key Performance Contributor
Memory Management
I/O Management
Timer Management

22 | 2012 Oracle Corporation Proprietary and Confidential

 Choose among guest VM types
Performance Matrix

Para-Virtualization HVM HVM with PV Driver

Memory Page faults handled by guest PV MMU Virtualization has more functionalities than PV
kernel Better performance than PV
Address Translation using MMU Has to be handled by software without MMU Virtualization
directly Performance is not good

I/O Only PV Driver is available Performance is very poor Near bare-metal

Near bare-metal performance performance

Timer Each guest VM receive timer from Emulated in Dom0 by software

Dom0 timer directly Need generate interrupts for guest VM
No simulated interrupt required Need CPU time to process
No time skew between Guest VMs Has latency between guest VMs
Will cause time skew between Guest VMs

23 | 2012 Oracle Corporation Proprietary and Confidential

 Metadata of a Virtual Machine
vm.cfg file
Describe Guest VM object
Guest OS Guest OS
OS Vendor & Version
Guest OS type
Resources
Virtual CPU(s)
Virtual Memory
Virtual Disk(s)
Sequence of disk file URLs only
Virtual Network Interface(s)
Guest VM CD-ROM

VM disk Image files

Store Guest VM data
At least one is required

24 | 2012 Oracle Corporation Proprietary and Confidential

 Sample vm.cfg File
(1 of 3)
name = '0004fb0000060000a16c1d729320e272'
uuid = '0004fb00-0006-0000-a16c-1d729320e272'
guest_os_type = 'linux'
OVM_os_type = 'Oracle Linux 5'
OVM_simple_name = 'DB1'
OVM_description = 'Oracle 11g DB Server'
bootloader = '/usr/bin/pygrub'
boot = 'c'
vfb = ['type=vnc,vncunused=1,vnclisten=127.0.0.1']

25 | 2012 Oracle Corporation Proprietary and Confidential

 Sample vm.cfg File
(2 of 3)
on_crash = 'restart'
on_reboot = 'restart
on_poweroff = 'destroy'
vcpus = 2
maxvcpus = 2
cpu_weight = 33000
cpu_cap = 0
memory = 16384
maxmem = 16384

26 | 2012 Oracle Corporation Proprietary and Confidential

 Sample vm.cfg File
(3 of 3)
OVM_high_availability = True
disk =
'file:/OVS/Repositories/0004fb000003000025edb8792d63ff7e/VirtualDisks/0004
fb00001200006b5af2c9371a49d0.img,xvda,w]
vif = ['mac=00:21:f6:aa:00:25,bridge=0004fb00105081b']
cpus = 0-3

Edit manually is not encouraged

May create mismatch between VM Repository and OVM Manager
Require to refresh repository to resolve inconsistency

27 | 2012 Oracle Corporation Proprietary and Confidential

28 | 2012 Oracle Corporation Proprietary and Confidential
29 | 2012 Oracle Corporation Proprietary and Confidential
30 | 2012 Oracle Corporation Proprietary and Confidential