Historically, a single computing device ran a single operating system. Each computer user, for instance, was assigned his or her own client computing device, and that computing device ran an operating system in which the user could run application programs as desired. Similarly, a server computing device ran a single operating system that ran application programs.
However, this type of computer architecture has disadvantages. First, it is costly, because each computing device needs a complete assortment of processors, memory, and input/output (I/O) devices to properly function whether it is being utilized or not. Second, the use of this type of architecture can be inefficient. At any given time, a given computing device may not be performing work, and rather is sitting idle, waiting for a task to be performed during times when workloads increase.
Therefore, a technology has been developed in which more than one operating system is capable of running on a single computing device, sharing at least the memory and the processors of the computing device. Such technology is referred to as virtualization. With virtualization, a given computing device has a number of virtual machines (VM's), or VM environments, where a guest operating system is run in each VM or VM environment. Therefore, guest operating systems for multiple computer users can be run simultaneously on a single computing device, such as a single server computing device. When workload demands are high, more VM's can be instantiated and run. When workloads are low, VM's can be suspended.
One type of virtualization technology is referred to as full virtualization. Full virtualization has the advantage of being able to be employed with “off-the-shelf” operating systems, with no modification made to these operating systems. This is particularly advantageous with respect to x86-based operating systems, such as versions of the Microsoft Windows® operating system and versions of the Linux operating system. Thus, a fully virtualized environment can be set up in which different instances of a Microsoft Windows® operating system and/or a Linux operating system can be run simultaneously on the same computing device, within different VM's (isolated from one another), without having to modify the operating systems
However, full virtualization has a significant disadvantage. In full virtualization, I/O access to I/O devices of the computing device, by a guest operating system running within a VM environment, is typically emulated. That is, the guest operating system does not have direct access to I/O devices, but rather the I/O requests from the operating system are sent to a VM manager, or hypervisor, which manages all the IO requests, processes them accordingly and sends them to the I/O devices as desired. Thus, full virtualization typically incurs a performance penalty during IO because the VM manager must monitor and emulate all IO operations on behalf of all VM's.
Another type of virtualization technology is referred to as para-virtualization. In para-virtualization, operating system software leverages programmatic interfaces exposed by the hypervisor to perform IO and DMA operations. Often, in a para-virtualized model, a special partition or VM is created to manage all IO. In a para-virtualized model, there is typically very little, if any, emulation, thus enabling a “thinner” or more lightweight hypervisor. Hence, para-virtualization has the advantage of providing for significantly better I/O performance than does full virtualization. For environments in which I/O performance is critical, para-virtualization can be a desirable solution.
However, para-virtualization suffers from a very significant disadvantage in that guest operating systems have to be customized, or completely rewritten, in order to run within para-virtualized environments. That is, an “off-the-shelf” operating system, such as versions of the Microsoft Windows® operating system and versions of the Linux operating system, cannot run within a para-virtualized environment without significant and fundamental modification.
Within fully virtualized systems there is considerable overhead associated with monitoring and emulation I/O purely in software without hardware assistance. In this case, hardware assistance refers to a set of hardware translation tables that enable secure address translation between a single DMA device and memory within a VM. Currently, the x86 processor architecture does not itself incorporate DMA translation capabilities. However, some x86-based systems do contain hardware features that enable the ability to translate, or remap DMA address spaces within the chipset used in the platform architecture.