Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono...
Transcript of Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono...
![Page 1: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/1.jpg)
Virtual AMT forUnified Management of
Physical and Virtual Desktops
Kenichi KouraiKouki Oozono
Kyushu Institute of Technology
![Page 2: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/2.jpg)
Desktop ManagementThe number of desktop PCs becomes
enormousAdmins manage them remotelyAgent software is installed in desktops
Agent-based management tools cannot access turned-off desktopsOr desktops under system failures or attacks
agent agent
managementtool
... ...
PC PC
![Page 3: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/3.jpg)
Intel AMTWhat is Active Management Technology
(AMT)?Embedded processor separated from main CPUs
Enable agentless remote management of turned-off desktopsProvide hardware informationReboot desktopsProvide remote GUI controlRestrict network access
AMT
managementtool
Z z z
PC
![Page 4: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/4.jpg)
Virtual DesktopsRun as virtual machines (VMs) in servers
Users access them remotelyDesktop as a Service (DaaS)
Enable consolidating desktops in serversAdmins can maintain desktops more easily
Software installation/update
VM VM...
servervirtual desktop
screen
keyboard/mouse
![Page 5: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/5.jpg)
Physical and Virtual DesktopsTwo types of desktops are mixed
The transition is in progressDifficult to use virtual desktops in laptop PCs
Admins have to use two management toolsFor AMT and for VMsIncrease the burden of desktop
management
VMAMT VM
virtual desktop
...
...
...
toolfor PCs
toolfor VMs
PC
AMT
![Page 6: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/6.jpg)
Virtual AMT (vAMT)Enable managing virtual desktops like
physical onesProvide the same interfaces as AMTAbsorb differences from physical desktops
Admins can perform unified management using AMT and vAMT
AMTVM
vAMT
AMTVM
vAMT
...
...
...
PC
virtualdesktop
managementtool
server
![Page 7: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/7.jpg)
(v)AMT InterfacesWS-Management
Allow remote management with CIMCIM provides a definition of management
informationSOAP
Allow remote management with Web servicesDeprecated from AMT 6.0 but still used
Keyboard/Video/Mouse (KVM)Allow out-of-band remote GUI control with VNC
![Page 8: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/8.jpg)
Monitoring Virtual DesktopsvAMT returns hardware information on a
VMObtain information of all elements or a specific
elementE.g., virtual CPUs, memory, power state
vAMT emulates non-existent hardware as necessaryE.g., temperature, voltage, manufacturer
vAMT
managementtool
EnumerateInstances
information on CPUs
VM
![Page 9: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/9.jpg)
Controlling Virtual DesktopsvAMT changes hardware state of a VM
Invoke methods defined in CIME.g., power on/off, CPU enabling/disabling
vAMT ignores requests of state changes to non-existent hardwareE.g., fan speed, WiFi state
vAMT
managementtool
RequestPowerStateChange()
Success
rebootVM
![Page 10: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/10.jpg)
Out-of-band Remote ControlvAMT provides a VNC server for a VM
Obtain the screen of a VMInject keyboard/mouse inputs to a VM
This remote control does not depend on a VMUseful at boot timeAvailable even if network failure occurs inside a
VMVNC
server
vAMTmanagement
tool
VNCVM
![Page 11: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/11.jpg)
How to Access Turned-off VMs?PCs always exist as concrete hardware
AMT can access hardware without regard to its power stateE.g., power management, VNC connections
VMs are destroyed after power offThe virtualized system can manage only running
VMsvAMT cannot access turned-off VMs
VM VM
power offpower on/off
PC
![Page 12: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/12.jpg)
Accessing Turned-off VMs (1/2)vAMT accesses a turned-off VM through its
config fileObtain hardware information written in the
config fileE.g., virtual CPUs, memory
Create a VM from the config file when power onvAMT integrates information from a
running VM and a config file seamlessly
vAMT
configfile
managementtool
VM
![Page 13: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/13.jpg)
Accessing Turned-off VMs (2/2)vAMT uses a VNC proxy to access a VM
The VNC proxy handles access to a turned-off VMReturn a dummy black screenIgnore keyboard/mount inputs
It redirects requests to a VNC server for a running VM
vAMT switches emulation and redirection automatically VNC
proxyVNC
server
vAMTmanagement
tool
VM
![Page 14: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/14.jpg)
How to Manage Migrated VMs?A VM can be migrated to another host
Attached vAMT is not migrated togetherPossible approaches
Restart vAMT at the destination hostExisting network connections to vAMT are tore
downvAMT remotely accesses a migrated VM
The source host cannot be shut down forever
vAMT
source host destination host
VM
![Page 15: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/15.jpg)
Managing Migrated VMsRun vAMT in another VM and co-migrate
vAMT with a target VMNetwork connections to vAMT are maintainedThe source host can be shut down
D-MORE [Kawahara et al.'14] enables synchronized co-migration of two VMsSolve timing issues
source host destination host
VMvAMT
![Page 16: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/16.jpg)
System Architecture
libvirtd
QEMU-KVM
vAMT
VM
Apacheweb
server
WS-Manserver
CIMOM
CIM provider
s
Axis2
Webservices
OpenPegasus
Tomcat
rfbproxy
![Page 17: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/17.jpg)
CIM ProvidersCIMPLE generates templates of CIM
providers from MOF filesThe MOF files are provided by Intel
Include the definitions of CIM classes
We have implemented 39/264 providersCIM providers access a VM using libvirt
class CIM_Processor : CIM_LogicalDevice { uint16 CPUStatus; uint32 EnableDevice(boolean Enabled); ...};
CIMProvider
CIMPLE
implement
![Page 18: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/18.jpg)
Types of CIM ProvidersInstance provider
Manage multiple instances with different properties for a CIM class
Association providerManage the relationship between instances of
different CIM classes
CIM_Processor provider
CPU 0
CPU 1
CIM_Chip provider
instances
Chip 0
Chip 1
instances
CIM_Realizes provider
![Page 19: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/19.jpg)
Web ServicesWSDL2Java generates templates of Web
services from WSDL filesThe WSDL files are also provided by Intel
We have implemented20/522 operationsWeb services access a VM
using libvirt-javaThey returns responses with
complex data structure
![Page 20: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/20.jpg)
ExperimentsObjectives
Confirm that tools for AMT can be used for vAMTCompare the performance of vAMT with that of
AMT
managementtool
AMT
AMT 7.1.4Intel Core i7
(3.4 GHz)2 GB memory
Intel Core i7 (2.93 GHz)
4 GB memory
vAMT
VM
1 vCPU1 GB memory
Xeon W3550 (3.06 GHz)
6 GB memory
![Page 21: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/21.jpg)
Connection: 97 requests of 26 CIM classes and 5 Web services to vAMT
![Page 22: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/22.jpg)
![Page 23: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/23.jpg)
![Page 24: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/24.jpg)
Obtaining the AMT VersionWinRM sent a request for one CIM class
> winrm g cimv2/CIM_SoftwareIdentity?InstanceID=AMT -r:http://192.168.0.173:16992/wsman
CIM_SoftwareIdentity InstanceID = AMT IsEntity = true VersionString = 7.1.4
GetInstancewhere InstanceID=AMTWinRM
vAMT
Version=...
![Page 25: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/25.jpg)
Performance ResultsPhysical desktop with AMT
More than 2 seconds in a turned-off PCAMT was in the sleep mode
Virtual desktop with vAMTvAMT was always faster than AMT
The host CPU was faster than the AMT chip
0.0
0.5
1.0
1.5
2.0
2.5 2.1
0.4 0.1 0.06
AMT (power off, 1st)
AMT (power off, 2nd)
AMT (power on)
vAMT
tim
e (
sec)
![Page 26: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/26.jpg)
Complex OperationsAssetDisplay sent multiple requests for
each operationCPU information, power off
> AssetDisplay -processor -host 192.168.0.173
Device ID: CPU 0Stepping: 7Max Clock Speed: 2930CPUStatus: CPU EnabledRole: CentralFamily: 198Upgrade Method: OtherManufacturer: Intel Corp.Version: Intel(R) Core(TM) i7 CPU @ 2.93GHPhysical Position: CPU 1
![Page 27: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/27.jpg)
Performance ResultsObtaining CPU information
AMT was 1.9 times slower than vAMTDue to searching association information
Turning the power offvAMT was faster than AMT
Performance difference was small
CPU info Power off0.0
0.5
1.0
1.5
AMT
vAMT
tim
e (
sec)
![Page 28: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/28.jpg)
Related WorkOpenIPMI lanserv simulator [Minyard]
Communicate with a virtual IPMI device of QEMU-KVM
Used for testing management tools for IPMICIM extension for virtualization [DMTF'07]
Enable managing both physical and virtual desktops
Still require differentiating themVMware Horizon View, Microsoft SCCM
Support both physical and virtual desktopsProvide only agent-based management
![Page 29: Virtual AMT for Unified Management of Physical and Virtual Desktops Kenichi Kourai Kouki Oozono Kyushu Institute of Technology.](https://reader031.fdocuments.us/reader031/viewer/2022032705/56649dd05503460f94ac6449/html5/thumbnails/29.jpg)
ConclusionvAMT for managing virtual desktops
Provide the same interfaces as AMT for physical desktops
Enable unified desktop managementWorked well with existing management tools for
AMT
Future workImplement all the CIM providers and Web
servicesE.g., packet filtering
Implement unsupported interfacesE.g., serial over LAN (SOL)