Overview
The heart of the VM architecture is a control program or hypervisor called VM-CP (usually: CP; sometimes, ambiguously: VM). It runs on the physical hardware, and creates the virtual machine environment. VM-CP provides full virtualization of the physical machine – including all I/O and other privileged operations. It performs the system's resource-sharing, including device management, dispatching, virtual storage management, and other traditional operating system tasks. Each VM user is provided with a separate virtual machine having its own address space, virtual devices, etc., and which is capable of running any software that could be run on a stand-alone machine. A given VM mainframe typically runs hundreds or thousands of virtual machine instances. VM-CP began life as CP-370, a reimplementation of CP-67, itself a reimplementation of CP-40.
Running within each virtual machine is another, "guest" operating system. This might be:
- CMS ("Conversational Monitor System", renamed from the "Cambridge Monitor System" of CP/CMS). Its official name is VM-CMS (confusing, since VM is commonly called VM/CMS). Most virtual machines run CMS, a lightweight, single-user operating system. Its interactive environment is comparable to that of a single-user PC, including a file system, programming services, device access, and command-line processing. (While an earlier version of CMS was uncharitably described as "CP/M on a mainframe", the comparison is an anachronism; the author of CP/M, Gary Kildall, was an experienced CMS user.)
- A mainstream operating system. IBM's mainstream operating systems (i.e. the OS/MVS or DOS/VSE families) can be loaded and run without modification. The VM hypervisor treats guest operating systems as application programs with exceptional privileges - it prevents them from using privileged instructions (those which would let applications take over the whole system or significant parts of it), but simulates privileged instructions on their behalf. Most mainframe operating systems terminate a normal application which tries to usurp the operating system's privileges.
- Another copy of VM. A "second level" instance of VM can be fully virtualized inside a virtual machine. This is how VM development and testing is done. (A "second-level" VM can potentially implement a different virtualization of the hardware. This technique was used to develop S/370 software before S/370 hardware was available, and it has continued to play a role in new hardware development at IBM. The literature cites practical examples of virtualization five levels deep.(See page 55 of VM and the VM Community) Levels of VM below the top are also treated as applications but with exceptional privileges.
- A copy of the mainframe version of AIX or Linux. In the mainframe environment, these operating systems often run under VM, and are handled like other guest operating systems. (They can also run as 'native' operating systems on the bare hardware.)
- A specialized VM subsystem. Several non-CMS systems run within VM-CP virtual machines, providing services to CMS users such as spooling, interprocess communications, and specialized device support. They operate "behind the scenes", extending the services available to CMS without adding to the VM-CP control program. By running in separate virtual machines, they receive the same security and reliability protections as other VM users. Examples include:
- RSCS ("Remote Spooling and Communication Subsystem") – communication and information transfer facilities between virtual machines
- RACF ("Resource Access Control Facility") — a security system
- VNET — a virtual network interface
- GCS ("Group Control System"), which provides a limited simulation of the OS/MVS API.
Read more about this topic: VM (operating System)