標題: | 在KVM/ARM的平台上live克隆虛擬機 Live VM Cloning on KVM/ARM |
作者: | 陳偉安 Chen,Wei-An 徐慰中 Hsu,Wei-Chung 資訊科學與工程研究所 |
關鍵字: | 虛擬機;KVM/ARM;VM;VM cloning |
公開日期: | 2015 |
摘要: | Virtual Machine (VM) cloning is a potentially important, but not yet exploited technique of VM application. Like VM migration, VM cloning needs to make a copy of the current VM. Unlike VM migration, VM cloning is targeted to run on the same physical machine rather than moving to a different physical machine. Isolation is one of the attractive feature of VM. With VM, a rogue application can only bring down a VM, but not affecting other VMs on the same machine. Therefore, VM cloning can be effectively used for testing untrusted applications downloaded from the internet. In this case, the cloned VM can be used as a sandbox environment to isolate the potentially malicious application. Live VM migration refers to the process of VM migration without disconnecting the client or the application. Similar to Live VM migration, Live VM cloning creates a cloned copy without a noticeable pause of the current VM. This thesis introduces memory Copy-on-Access (CoA) mechanism based on ARM. By using this CoA mechanism, the memory copy time during cloning will be significantly decreased compare to the traditional Copy-on-Write (CoW) mechanism. Implemented on ARM/KVM, our prototype can clone a VM within 1-2 seconds depending on the memory size of the VM. In addition, also compare VM cloning with the similarity and difference between VM cloning and VM migration. Recently, the light-weight virtualization technique of Container has been successfully implemented by Docker. Since Docker is well advertised for its isolation capability, so a comparison between VM cloning and Docker is also included in this work. Virtual Machine (VM) cloning is a potentially important, but not yet exploited technique of VM application. Like VM migration, VM cloning needs to make a copy of the current VM. Unlike VM migration, VM cloning is targeted to run on the same physical machine rather than moving to a different physical machine. Isolation is one of the attractive feature of VM. With VM, a rogue application can only bring down a VM, but not affecting other VMs on the same machine. Therefore, VM cloning can be effectively used for testing untrusted applications downloaded from the internet. In this case, the cloned VM can be used as a sandbox environment to isolate the potentially malicious application. Live VM migration refers to the process of VM migration without disconnecting the client or the application. Similar to Live VM migration, Live VM cloning creates a cloned copy without a noticeable pause of the current VM. This thesis introduces memory Copy-on-Access (CoA) mechanism based on ARM. By using this CoA mechanism, the memory copy time during cloning will be significantly decreased compare to the traditional Copy-on-Write (CoW) mechanism. Implemented on ARM/KVM, our prototype can clone a VM within 1-2 seconds depending on the memory size of the VM. In addition, also compare VM cloning with the similarity and difference between VM cloning and VM migration. Recently, the light-weight virtualization technique of Container has been successfully implemented by Docker. Since Docker is well advertised for its isolation capability, so a comparison between VM cloning and Docker is also included in this work. |
URI: | http://140.113.39.130/cdrfb3/record/nctu/#GT070256004 http://hdl.handle.net/11536/127126 |
Appears in Collections: | Thesis |