
Chapter 4 - Virtualization

The document outlines the course SWEG5108 on Software Defined Systems, focusing on virtualization, its benefits, types, and security aspects. It explains the role of Virtual Machine Monitors (VMMs) or hypervisors, the process of VM migration, and load balancing. Additionally, it discusses challenges in virtualization, including security risks, performance overhead, and complexity, while introducing the concept of Software-Defined Everything (SDx).

Uploaded by Fekadu Tigu

SOFTWARE DEFINED SYSTEMS

Course Code: SWEG5108
Target Group: 5th Year Software Engineering
2025

Chapter 4 - Virtualization

Outline
1. What is virtualization?
2. Software-defined everything (SDE)
3. Benefits of virtualization
4. Types of virtualizations
5. How secure is virtualization and how are virtual machines managed?
6. Categories of Virtualization

What is virtualization?
• Virtualization is the process of creating a virtual version of a physical resource, such as a server, storage device, or network.
• Multiple virtual machines (VMs) can run inside a physical machine (PM).
• A VM gives the user the illusion of running on a physical machine.
• Virtualization is a building block for cloud computing.
• Virtualization enables multiple clients to share the cloud's compute resources.
• Multiple users on VMs/containers can share the same cloud server.

Software Defined System 3


What is virtualization?
• Virtualization is a basic enabler of Cloud Computing; it simplifies the management of physical resources for the three abstractions.
• Virtualization abstracts the underlying resources, simplifies their use, isolates users from one another, and supports replication, which increases the elasticity of a system.

What is virtualization?
• Virtualization simulates the interface to a physical object by:
  o Multiplexing: creates multiple virtual objects from one instance of a physical object (many virtual objects to one physical object). Example: a processor is multiplexed among a number of processes or threads.
  o Aggregation: creates one virtual object from multiple physical objects (one virtual object to many physical objects). Example: a number of physical disks are aggregated into a RAID disk.
  o Emulation: constructs a virtual object of a certain type from a different type of physical object. Example: a physical disk emulates a Random Access Memory (RAM).
  o Multiplexing and emulation. Examples: virtual memory with paging multiplexes real memory and disk; a virtual address emulates a real address.

Similarities and Differences with Multiprogramming
• Multiprogramming: each process thinks it has complete control of all of the resources (virtual memory, CPU sharing).

| Multiprogramming | Virtualization |
|---|---|
| CPU is shared among processes. | CPU is shared among OSs. |
| Memory is shared using page tables. | Memory is shared using more levels of indirection (multiple page tables). |
| Process knows it is being managed; it uses system calls. | OS may or may not know that it is being managed. |

Similarities and Differences with Multiprogramming
In summary, multiprogramming focuses on maximizing CPU utilization by running multiple processes concurrently, while virtualization abstracts physical resources into virtual machines, providing isolation and flexibility.

Multiprogramming operates at the process level, whereas virtualization operates at the hardware level.


Virtual Machine Monitor (VMM / Hypervisor)
• A virtual machine monitor (VMM/hypervisor) partitions the resources of a computer system into one or more virtual machines (VMs).
• It allows several operating systems to run concurrently on a single hardware platform.
• It is an execution environment that runs an OS.
• VM: an isolated environment that appears to be a whole computer, but actually only has access to a portion of the computer's resources.

Virtual Machine Monitor (VMM / Hypervisor)
• A VMM allows:
  o Multiple services to share the same platform.
  o Live migration: the movement of a server from one platform to another.
  o System modification while maintaining backward compatibility with the original system.
• It enforces isolation among the systems, and thus security.
• A guest operating system is an OS that runs in a VM under the control of the VMM.


How the VMM Virtualizes the CPU and the Memory
• Traps the privileged instructions executed by a guest OS and enforces the correctness and safety of the operation.
• Traps interrupts and dispatches them to the individual guest operating systems.
• Controls the virtual memory management.
• Maintains a shadow page table for each guest OS and replicates any modification made by the guest OS in its own shadow page table.
• This shadow page table points to the actual page frame, and it is used by the Memory Management Unit (MMU) for dynamic address translation.
• Monitors the system performance and takes corrective actions to avoid performance degradation. For example, the VMM may swap out a VM to avoid thrashing.
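
The shadow page table mechanism described above, as an added example that is not part of the original slides: a toy VMM that traps a guest's page-table write, checks that the target lies inside that VM's own memory, and replicates the mapping into the shadow table the MMU uses. The structure layout, the function names and the fixed per-VM sizes are assumptions made for illustration.

```c
#include <stdio.h>

#define GUEST_PAGES 4      /* guest-physical pages given to each VM (assumed) */
#define VIRT_PAGES  8      /* guest-virtual pages per VM (assumed) */
#define UNMAPPED   -1

/* Hypothetical toy VMM state for one VM. */
struct vm {
    int host_base;               /* first host frame owned by this VM */
    int guest_pt[VIRT_PAGES];    /* guest's table: virtual page -> guest-physical page */
    int shadow_pt[VIRT_PAGES];   /* VMM's table: virtual page -> host frame (used by MMU) */
};

void vm_init(struct vm *vm, int host_base) {
    vm->host_base = host_base;
    for (int i = 0; i < VIRT_PAGES; i++)
        vm->guest_pt[i] = vm->shadow_pt[i] = UNMAPPED;
}

/* Runs when the guest's write to its page table traps into the VMM.
 * Returns 0 if the change was replicated into the shadow table, -1 if refused. */
int vmm_trap_pt_write(struct vm *vm, int vpn, int gpn) {
    if (vpn < 0 || vpn >= VIRT_PAGES)
        return -1;
    if (gpn == UNMAPPED) {                    /* guest removes a mapping */
        vm->guest_pt[vpn] = vm->shadow_pt[vpn] = UNMAPPED;
        return 0;
    }
    if (gpn < 0 || gpn >= GUEST_PAGES)        /* outside this VM's memory: refuse */
        return -1;
    vm->guest_pt[vpn] = gpn;
    vm->shadow_pt[vpn] = vm->host_base + gpn; /* guest-physical -> actual page frame */
    return 0;
}

/* What the MMU does: translate through the shadow table only. */
int mmu_translate(const struct vm *vm, int vpn) {
    if (vpn < 0 || vpn >= VIRT_PAGES)
        return UNMAPPED;
    return vm->shadow_pt[vpn];
}

int main(void) {
    struct vm a, b;
    vm_init(&a, 0);              /* VM A owns host frames 0..3 */
    vm_init(&b, GUEST_PAGES);    /* VM B owns host frames 4..7 */
    vmm_trap_pt_write(&a, 1, 2);
    vmm_trap_pt_write(&b, 1, 2);
    printf("A vpn 1 -> frame %d, B vpn 1 -> frame %d\n",
           mmu_translate(&a, 1), mmu_translate(&b, 1));
    printf("A tries guest page 6: %d\n", vmm_trap_pt_write(&a, 3, 6));
    return 0;
}
```

Both guests use the same guest-physical page number, yet the shadow tables resolve to disjoint host frames, and the out-of-range request never reaches the table the MMU reads.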


Type 1 and 2 Hypervisors
Type 1 Hypervisors (Bare-Metal Hypervisors)
• Type 1 hypervisors are installed directly on the hardware, without an underlying operating system.
• They are also known as "bare-metal" hypervisors.
• Examples of Type 1 hypervisors include VMware ESXi, Microsoft Hyper-V, and Citrix Hypervisor (formerly XenServer).
• Type 1 hypervisors have direct access to the hardware resources, which allows for efficient resource management and high performance.
• They are commonly used in enterprise-level virtualization environments, such as data centers, where high performance and reliability are critical.
• Type 1 hypervisors are typically more complex to set up and manage compared to Type 2 hypervisors.

Type 1 and 2 Hypervisors
Type 2 Hypervisors (Hosted Hypervisors)
• Type 2 hypervisors are installed on top of an existing operating system, such as Windows or Linux.
• They are also known as "hosted" hypervisors.
• Examples of Type 2 hypervisors include VMware Workstation, Oracle VirtualBox, and Parallels Desktop.
• Type 2 hypervisors rely on the underlying operating system to provide access to the hardware resources.
• They are generally easier to set up and use compared to Type 1 hypervisors, as they leverage the existing operating system's functionality.
• Type 2 hypervisors are commonly used on personal computers or workstations for testing, development, or running multiple operating systems simultaneously.
• However, they may have slightly lower performance compared to Type 1 hypervisors due to the additional layer of abstraction.

Type 1 and 2 Hypervisors
• Type 1 hypervisor: runs directly on hardware, no need for a host OS.
• Type 2 (hosted) hypervisor: runs as an application on top of a host OS.


VM (Virtual Machine) migration
• VM (Virtual Machine) migration refers to the process of moving a running virtual machine from one physical host or environment to another.
• This can be done for various reasons, such as load balancing, maintenance, disaster recovery, or infrastructure upgrades.
• There are two main types of VM migration:
  o Live Migration
  o Cold Migration

VM (Virtual Machine) migration
Live Migration
• Live migration is the process of moving a running virtual machine from one physical host to another without interrupting the VM's operation or user experience.
• This is achieved by seamlessly transferring the VM's memory, CPU state, and network connections to the new host.
• Live migration allows for continuous uptime and service availability, making it particularly useful for mission-critical applications.
• Examples of live migration technologies include VMware vMotion, Microsoft Hyper-V Live Migration, and KVM Live Migration.

VM (Virtual Machine) migration
Cold Migration
• Cold migration, also known as offline migration, involves shutting down the virtual machine, transferring its disk image and configuration files to the new host, and then restarting the VM on the new host.
• This method is simpler and does not require specialized migration capabilities, but it results in downtime for the VM during the migration process.
• Cold migration is often used for non-critical VMs or during planned maintenance windows.

VM (Virtual Machine) migration
• The key steps involved in VM migration (both live and cold) are:
  o Preparation: Ensuring the target host has sufficient resources (CPU, memory, storage) to accommodate the migrating VM.
  o VM state capture: Capturing the current state of the VM, including its memory, CPU, and network configurations.
  o Data transfer: Transferring the VM's disk image, configuration files, and captured state to the target host.
  o VM restoration: Restoring the VM on the target host and resuming its operation.


What is load balancing?
• Load balancing is the process of distributing network traffic efficiently among multiple servers to optimize application availability and ensure a positive end-user experience.
• Load balancing directs and controls internet traffic between the application servers and their visitors or clients. As a result, it improves an application's availability, scalability, security, and performance.
• Because high-traffic websites and cloud computing applications receive millions of user requests each day, load balancing is an essential capability for modern application delivery.

What is load balancing?
• A web infrastructure with no load balancing might look something like the following.
• In this example, the user connects directly to the web server, at yourdomain.com.
• If this single web server goes down, the user will no longer be able to access the website.
• In addition, if many users try to access the server simultaneously and it is unable to handle the load, they may experience slow load times or may be unable to connect at all.

What is load balancing?
• This single point of failure can be mitigated by introducing a load balancer and at least one additional web server on the backend.
• Typically, all of the backend servers will supply identical content so that users receive consistent content regardless of which server responds.
• The user accesses the load balancer, which forwards the user's request to a backend server, which then responds directly to the user's request.
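
The single-point-of-failure argument above, as an added example that is not part of the original slides: a round-robin dispatcher that skips backends failing their health check, run once against a lone server and once against a pool of three. The pool structure, function names and health flags are assumptions; round-robin is one common selection policy, chosen here for illustration.

```c
#include <stdio.h>

#define MAX_BACKENDS 4

/* Hypothetical backend pool; n == 1 models the setup without a load balancer. */
struct pool {
    int n;                       /* number of backend web servers */
    int healthy[MAX_BACKENDS];   /* 1 = passed last health check, 0 = down */
    int served[MAX_BACKENDS];    /* requests answered by each backend */
    int next;                    /* round-robin cursor */
};

/* Pick the next healthy backend in round-robin order; -1 if all are down. */
int lb_pick(struct pool *p) {
    for (int tried = 0; tried < p->n; tried++) {
        int i = (p->next + tried) % p->n;
        if (p->healthy[i]) {
            p->next = (i + 1) % p->n;
            return i;
        }
    }
    return -1;
}

/* Forward `requests` user requests; return how many could not be served. */
int lb_dispatch(struct pool *p, int requests) {
    int failed = 0;
    for (int r = 0; r < requests; r++) {
        int i = lb_pick(p);
        if (i < 0)
            failed++;
        else
            p->served[i]++;
    }
    return failed;
}

int main(void) {
    struct pool single = { .n = 1, .healthy = {0} };        /* the only server is down */
    struct pool farm   = { .n = 3, .healthy = {1, 0, 1} };  /* one of three is down */
    printf("single server: %d of 6 requests failed\n", lb_dispatch(&single, 6));
    printf("balanced pool: %d of 6 requests failed\n", lb_dispatch(&farm, 6));
    printf("served per backend: %d %d %d\n",
           farm.served[0], farm.served[1], farm.served[2]);
    return 0;
}
```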


Benefits of virtualization
• Instant provisioning: fast scalability.
• Live migration is possible.
• Load balancing and consolidation in a data center is possible.
• Low downtime for maintenance.
• Virtual hardware supports legacy operating systems efficiently.
• Security and fault isolation.


Types of virtualizations
• There are several types of virtualizations in the world of information technology. Here are the main types:

1. Server Virtualization
• This involves running multiple virtual machines (VMs) on a single physical server.
• Each VM runs its own operating system and applications, isolated from the others.
• Examples: VMware ESXi, Microsoft Hyper-V, Citrix Hypervisor.

2. Desktop Virtualization
• Also known as Virtual Desktop Infrastructure (VDI).
• It involves hosting desktop environments on a centralized server, and users access their virtual desktops remotely.
• Allows for centralized management and data security.
• Examples: Citrix Virtual Apps and Desktops, VMware Horizon.

3. Storage Virtualization
• This combines multiple physical storage devices into a single logical storage pool.
• Provides abstraction from the underlying physical storage.
• Enables features like automated tiering, backup, and disaster recovery.
• Examples: NetApp ONTAP, VMware vSAN, Red Hat Ceph Storage.

4. Network Virtualization
• Involves the creation of virtual networks on top of the physical network infrastructure.
• Allows for programmatic control and configuration of network resources.
• Enables features like software-defined networking (SDN) and network function virtualization (NFV).
• Examples: VMware NSX, Microsoft Azure Virtual Network, Cisco ACI.

5. Application Virtualization
• This isolates applications from the underlying operating system.
• Allows applications to run without being installed directly on the client device.
• Simplifies application management and deployment.
• Examples: Microsoft App-V, Citrix App Layering, VMware ThinApp.

6. Hardware Virtualization
• Also known as server virtualization or platform virtualization.
• Allows multiple virtual machines to run on a single physical server.
• Provides the ability to create and manage virtual machines.
• Examples: VMware ESXi, Microsoft Hyper-V, Citrix Hypervisor.


Security of Virtualization
• Isolation: Virtualization allows VMs to be isolated from each other and the host operating system, reducing the attack surface.
• Containment: Even if a VM is compromised, the damage can be contained and prevented from spreading to other VMs or the host.
• Snapshot/Rollback: The ability to quickly snapshot and roll back VMs can help recover from security incidents.
• Patching: Virtualization makes it easier to rapidly patch and update VMs compared to physical machines.


Virtual Machine Management
• Image Management: Carefully managing VM images, templates, and snapshots is crucial to prevent security issues from being propagated.
• Access Control: Implementing robust access controls and privilege management for VM administration is essential.
• Monitoring and Logging: Comprehensive monitoring and logging of VM activity is needed to detect and respond to security incidents.
• Network Security: Securing the virtual network, including firewalls, access controls, and encryption, is critical.
• Backup and Disaster Recovery: Regular backups and disaster recovery plans are necessary to ensure business continuity in the event of a security breach or other incident.
• Compliance: Virtualized environments must be configured to meet relevant compliance requirements, such as data protection regulations.


Challenges of virtualization
Security Risks
• Increased attack surface, as VMs can be entry points for malware and cyber attacks.
• Risk of VM-to-VM attacks if not properly isolated.
• Potential for privilege escalation if VM administration controls are not robust.
• Securing the virtual network and managing virtual firewalls.

Performance Overhead
• Performance degradation due to the additional abstraction layer and resource sharing.
• Ensuring adequate resources (CPU, memory, storage) for VMs to maintain acceptable performance.
• Managing resource contention and oversubscription.

Challenges of virtualization
Complexity
• Increased operational complexity in managing virtual infrastructure, such as VM provisioning, migration, and decommissioning.
• Challenges in monitoring and troubleshooting virtualized environments.
• Difficulty in maintaining consistent configurations across multiple VMs.

High Availability and Disaster Recovery
• Ensuring high availability and reliable failover mechanisms for critical VMs.
• Implementing effective backup and disaster recovery strategies for virtualized environments.

Challenges of virtualization
Vendor Lock-in
• Potential vendor lock-in due to the use of proprietary virtualization platforms and tools.
• Challenges in migrating VMs across different virtualization platforms.

Licensing and Compliance
• Ensuring compliance with software licensing requirements in a virtualized environment.
• Managing software licensing for VMs, especially when using different operating systems or applications.

Data Protection and Privacy
• Securing and protecting sensitive data stored or processed within VMs.
• Ensuring data isolation and preventing data leakage between VMs.


What is Software-Defined Everything (SDx)?
• Software-Defined Everything (SDx) is a broad term that refers to the concept of using software to control, manage, and configure various IT infrastructure components and services.
• The "x" in SDx represents different types of infrastructure, such as storage, networking, data centers, and more.
• SDx is a fundamental part of the broader movement towards cloud computing, DevOps, and the adoption of modern, software-centric approaches to IT infrastructure management.
• The key aspects of Software-Defined Everything (SDx) include Software-Defined Storage (SDS), Software-Defined Networking (SDN), Software-Defined Data Center (SDDC), Software-Defined Infrastructure (SDI), and Software-Defined Security.

THANK YOU

"Virtualization is the superpower that unleashes the true potential of IT."
