The advantages of virtual machine technology have become widely recognized. Among these advantages is the ability to run multiple virtual machines on a single host platform. This can make better use of the capacity of the hardware, while still ensuring that each user enjoys the features of a “complete” computer. An additional benefit of virtualization, in some implementations, is greater security. For instance, virtualization increases security by isolating potentially unstable or unsafe software so that it cannot adversely affect the hardware state or system files required for running the physical (as opposed to virtual) hardware. A virtual machine (VM) is a software abstraction, or “virtualization,” of an actual physical computer system. Multiple virtual machines (VMs) can be installed on a physical host machine, referred to as a ‘host’, which includes physical system hardware. The physical system hardware typically includes one or more physical processors and physical memory and various other physical devices, such as an IO storage adapter to perform protocol conversions required to access a remote storage such as over a shared storage access network (SAN). The virtual system hardware ordinarily includes one or more virtual processors, virtual memory, at least one virtual disk, and one or more virtual devices all of which may be implemented using software to configure physical components of a physical machine to emulate the virtual components. One or more layers of co-resident software components comprising a virtualization intermediary, e.g. a virtual machine monitor (VMM), hypervisor or some combination thereof acts to instantiate and provision VMs and to allocate host resources dynamically and transparently among the VMs so that their respective guest operating systems can run concurrently on a single physical machine.
Physical storage shared among multiple VMs often is emulated so as to present virtual storage resources to the VMs. In some virtualization embodiments, a virtualization intermediary which manages interaction between VMs and physical storage, “traps” (intercepts) virtual storage requests issued by individual VMs and redirects the requests from virtual disks to physical storage regions such as a logical block addresses or sectors of a physical disk, for example. Such earlier virtualization intermediary uses trap handlers during emulation to redirect input/output (IO) commands to prevent storage access violations, for example. This emulation can be expensive in terms of instructions processed. Overall performance may decline when many VMs seek to access physical storage at the same time. The many storage requests can result in data access delays due to the compute cycles required by the virtualization intermediary to trap and translate simultaneous data requests from many VMs.
One solution to this problem has been proposed in the Single Root Virtualization I/O and Sharing Specification, Revision 1.0, Sep. 11, 2007 (PCI SR-IOV) specification. The PCI SR-IOV specification proposes providing each of one or more VMs with direct access to physical storage through its own storage adapter instance as a designated virtual function (VF) running on a physical storage adapter so as to avoid the need for heavy intervention by the virtualization intermediary to gain access to physical storage.
Direct access that bypasses the virtualization intermediary also may bypass certain storage virtualization benefits such as multipath IO capability of a virtualization intermediary. Multipath IO is a fault tolerance and performance enhancement technique in which a physical storage region may be associated with multiple SCSI paths. In general, multipathing provides redundancy and automatic fail-over by providing at least two physical paths to a target resource. Multipathing provides redundancy allowing for re-routing in the event of component failure, enabling higher availability for storage resources. Multipathing also allows for the parallel routing of data allowing increased scalability and faster throughput to overcome network congestion. Multiple paths can be achieved from host or storage controllers having more than one port, redundancy in the fabric, or having multiple controllers or buses (on the target controllers), for example.
In a direct access virtualized storage environment, each SCSI path that associates a virtual disk with a physical storage region is defined by a triplet (initiator, target, LUN). In a virtualized storage environment, multipathing techniques may associate a virtual disk with multiple SCSI paths. A virtual machine configured with multipathing software can select from among multiple SCSI paths to the same given physical storage region. A virtual machine configured with multipath software can leverage redundant paths to provide failover recovery and dynamic load balancing, for example.
Multipathing ordinarily involves the capability to perform SCSI path selection and SCSI path routing across the multiple paths of a high availability shared storage area network (SAN) configured with redundant physical paths between a SCSI initiator and SCSI target. Since in a PCI SR-IOV environment, VMs configured for direct-access to storage typically will be expected to co-exist on the same virtualization intermediary instance with VMs that are not configured for direct-access to physical storage, the direct access and non-direct-access VMs will most likely share the same physical SAN resources provisioned to the virtualization intermediary. However, permitting a direct-access virtual machine to make SCSI path selection and routing decisions can potentially have a detrimental impact upon the non-direct-access virtual machines that rely upon multipathing decisions of the virtualization intermediary. Moreover in keeping with virtual machine isolation and protection requirements, a virtualization intermediary typically operates to not expose the physical SAN to a virtual machine.