Information Technology Reference
In-Depth Information
A hypervisor runs on the system CPUs and causes overhead, but this
is generally limited to I/O activities if the CPU has virtualization-assist
features.
■
Paravirtualization can significantly decrease performance overhead caused
by a hypervisor.
■
Operating system virtualization results in more processes in the one OS
instance. This can be challenging for some operating systems, but the
overhead directly associated with virtualization activities is negligible.
■
Mix of computing activity versus I/O activity:
■
Computing activity does not increase overhead because the process runs
directly on the CPU.
■
Memory-intensive applications can increase overhead unless the CPU has
features to minimize this possibility.
■
For hypervisors, I/O activity must be controlled to prevent one VE from
accessing information owned by another VE: This activity increases
overhead.
■
Hardware features may simplify some virtualization tasks, reducing overhead.
■
The combination of unpredictable patterns of effective performance and the
potential for denial-of-service attacks makes resource management an essential
component of any virtualization solution. Resource controls ensure that the con-
solidated systems can meet their service level objectives and be protected from
resource starvation. Six resource categories are commonly managed:
CPU capacity: Controls are used to ensure that each VE gets enough CPU
time to provide appropriate responsiveness and to prevent denial-of-service
attacks, either from compromised VEs on the same system or from tradi-
tional network attacks.
■
Amount of RAM used: Controls should be used to ensure that each VE has
enough RAM to perform well.
■
Amount of virtual memory or swap space used: Unless each VE has its own
private swap device or partition, this type of control can be used to ensure
that each VE has enough swap space to work correctly and to prevent denial-
of-service attacks.
■
Network bandwidth consumed: Controls can be used to provide an appro-
priate quality of service for each workload and to prevent denial-of-service
attacks.
■
Search WWH ::
Custom Search