Koʻu ʻike i kēia manawa:
1) KVM
ʻO KVM (Kernel-based Virtual Machine) kahi hypervisor (VMM - Virtual Machine Manager) e holo ana ma ke ʻano he module ma ka OS. LinuxPono kahi hypervisor e holo i ka polokalamu ma kahi ʻano ʻole (virtual) me ka hūnā ʻana i nā lako kino maoli e holo ai mai kēlā polokalamu. Hana ka hypervisor ma ke ʻano he "papa" ma waena o nā lako kino (ka host) a me ka OS virtual (ka malihini).
ʻOiai ʻo KVM kahi module kernel maʻamau Linux, loaʻa iā ia nā mea pono āpau mai ka kernel (hoʻokele hoʻomanaʻo, mea hoʻonohonoho, a pēlā aku). A, e like me ia, loaʻa kēia mau pono āpau i nā malihini (ʻoiai e holo ana nā malihini ma kahi hypervisor, e holo ana ma/ma loko o ka kernel OS). Linux).
He wikiwiki loa ʻo KVM, akā ʻaʻole lawa ia e holo i kahi OS virtual ma kāna iho, no ka mea, pono ia i ka hoʻohālike I/O. Hoʻohana ʻo KVM iā QEMU no ka I/O (processor, disks, network, video, PCI, USB, serial ports, etc.).
2) QEMU
ʻO QEMU (Quick Emulator) kahi emulator hāmeʻa e hiki ai iā ʻoe ke holo i nā ʻōnaehana hana i hoʻolālā ʻia no kekahi hoʻolālā ma luna o kekahi (e.g., ARM a i x86). Ma waho aʻe o ka mea hana, hoʻohālike ʻo QEMU i nā peripherals like ʻole: nā kāleka pūnaewele, nā HDD, nā kāleka wikiō, PCI, USB, a me nā mea hou aku.
Ke hana nei e like me kēia:
Hoʻololi ʻia nā kuhikuhi/code binary (e.g. ARM) i code waena kūʻokoʻa paepae me ka hoʻohana ʻana i ka mea hoʻololi TCG (Tiny Code Generator) a laila hoʻololi ʻia kēia code binary kūʻokoʻa paepae i nā kuhikuhi/code i manaʻo ʻia (e.g. x86).
ARM –> code_waena –> x86
ʻO ke kumu, hiki iā ʻoe ke holo i nā mīkini virtual me QEMU ma kekahi kikowaena, ʻoiai me nā mea hana kahiko i kākoʻo ʻole iā Intel VT-x (Intel Virtualization Technology) a i ʻole AMD SVM (AMD Secure Virtual Machine). Eia nō naʻe, i kēia hihia, e lohi loa ia, no ka mea, pono e hōʻuluʻulu hou ʻia ke code binary hiki ke hoʻokō ʻia i ʻelua manawa ma ka lele me ka hoʻohana ʻana iā TCG (ʻo TCG ke kū nei no Just-in-Time Compiler).
ʻO ia hoʻi, he mea maikaʻi loa ʻo QEMU, akā hana lohi loa ia.
3) Nā apo palekana
ʻAʻole holo wale ke code papahana binary ma nā mea hana e like me ia, akā aia ma nā pae like ʻole (nā apo / nā apo pale) me nā pae like ʻole o ke komo ʻana i ka ʻikepili, mai ka mea i pōmaikaʻi nui ʻia (Apo 0) a hiki i nā wili i kaupalena ʻia, hoʻoponopono ʻia a me nā "wili i hoʻopaʻa ʻia" (Apo 3).
Holo ka ʻōnaehana hana (OS kernel) ma Ring 0 (ʻano kernel) a hiki ke hana i kekahi mea me kekahi ʻikepili a i ʻole nā mea hana. Holo nā polokalamu mea hoʻohana ma Ring 3 (ʻano mea hoʻohana) a ʻaʻole kūʻokoʻa e hana i kekahi mea a lākou e makemake ai, akā pono e noi i ka ʻae i kēlā me kēia manawa e hana i kahi hana (no laila, loaʻa i nā polokalamu mea hoʻohana ke komo wale i kā lākou ʻikepili ponoʻī a ʻaʻole hiki ke "uhaki" i loko o ka pahu one o kekahi). Ua manaʻo ʻia nā Rings 1 a me 2 no ka hoʻohana ʻana e nā mea hoʻokele.
Ma mua o ka hoʻokumu ʻia ʻana o Intel VT-x / AMD SVM, ua holo nā hypervisor ma Ring 0, a ua holo nā malihini ma Ring 1. ʻOiai ʻaʻohe o Ring 1 i nā kuleana kūpono no ka hana OS maʻamau, i kēlā me kēia manawa i hana ʻia ai kahi kāhea kūikawā e kahi malihini, pono ka hypervisor e hoʻololi i ke kāhea ma ka lele a hoʻokō iā ia ma Ring 0 (like me ka hana a QEMU). ʻO ia hoʻi, ʻo ka binary malihini ʻAʻole ua hoʻokō pololei ʻia ma ke kaʻina hana, a i kēlā me kēia manawa ua hele ia ma o kekahi mau hoʻololi waena ma ka lele.
He mea nui ke poʻo nui a he pilikia nui kēia, no laila ua hoʻokuʻu nā mea hana hana, kūʻokoʻa kekahi i kekahi, i kahi hoʻonohonoho kuhikuhi i hoʻonui ʻia (Intel VT-x / AMD SVM) e ʻae ai i ka hoʻokō ʻana i ke code OS malihini. MA KE ʻANO KŪPONO ma ke kaʻina hana kikowaena (e kāpae ana i nā pae waena pipiʻi āpau, e like me ke ʻano ma mua).
Me ka hiki ʻana mai o Intel VT-x / AMD SVM, ua hana ʻia kahi pae kūikawā hou, ʻo Ring -1 (koe wale nō hoʻokahi). Ke holo nei ka hypervisor ma luna o ia mea, ʻoiai e holo ana nā malihini ma Ring 0 a loaʻa iā lākou ke komo kūikawā i ka CPU.
No laila, i ka hopena:
- Ke holo nei ka mea hoʻokipa ma Ring 0
- Hana nā malihini ma ke apo 0
- holo ka hypervisor ma Ring -1
4) QEMU-KVM
Hāʻawi ʻo KVM i nā malihini i ke komo ʻana i ka Ring 0 a hoʻohana iā QEMU e hoʻohālike i ka I/O (CPU, disks, network, video, PCI, USB, serial ports, etc.) a nā malihini e "ʻike" ai a launa pū me.
No laila ʻo QEMU-KVM (a i ʻole KVM-QEMU) 🙂
KEKAHI
P.S. Ua paʻi mua ʻia ke kikokikona o kēia ʻatikala ma ke kahawai Telegram i ka pane ʻana i kahi nīnau mai kekahi o nā mea komo o ke kahawai.
E ʻoluʻolu e kākau i loko o nā manaʻo kahi i kuhihewa ai au i ke kumuhana a inā paha he mea e hoʻohui ai.
Alakaʻi!
Source: www.habr.com
