 I've been using a virtualized workstation as my daily driver machine for about a year now. And I would like to talk about it with you. I would like to talk to you about how do I use it? Why do I use it? What are the difficulties? And stuff like that. Okay, first a bit about me. I'm 17 years old. I study in English in high school here on Purkinjevo. And I'm in the third year. I work for a company called itself SRO. They are an internet provider here in Moravia. And in free time I do a lot of virtualization, networking, and I am also a part-time sound engineer. Okay, first I would like to explain what does the virtual workstation actually mean, right? Virtualized means that it is running above something else and you cannot straight up touch it, right? So at home I have a regular computer and I had a quest. We'll get to that quest very soon. And I'll still define the workstation. Workstation is a computer that mainly is very powerful. And in my case that is both for computer, both for processor, and for graphics card intensive tasks. Okay, now this is my home workstation, right? It's one computer powering a couple of operating systems. At the first point it's probably not so obvious, but you can see that there is Linux, there is Windows. Actually it's like this. You can also see that I have independent both keyboard and mouse, and I have both machines have an independent sound card. So I have pretty good audio from both of the machines. Since I said I do some engineering from time to time, there is a mixer laying straight next to my computer and I wanted to have independent control of volume for both of the rigs. The experience is pretty good. We'll get to that very soon. Okay, the rig, the machine that's powering it all. It does not have to be that powerful, but it should be at least a fair bit modern. In my case I have a third generation Core i5 running on an Intel reference board. I'll get to that very soon. I have 12 gigs of RAM, one 8 gig, one 4 gig stick. It's not a balanced configuration. I know it works. And I have a GTX 1060 plus a couple of SSDs, one for each of the systems. So on the 250 gig drive I have installed Linux, and on the 512 gig drive I have installed Windows. And I pass the drive directly through. The reason is pretty simple. I have an image because if Linux stops working or something is not right, I can boot straight into Windows and pull my stuff out of there because I also use it for all of my work stuff. At work we have an information system. We use some IDs that are not compatible with Linux and cannot be emulated with wine. I have tried. So now the task. As I said I want to run a couple of operating systems on one machine. I want to use Windows and Linux at the same time. I want to use them with full hardware acceleration. That means both for CPU intensive tasks and for GPU intensive tasks like video encoding or gaming. The end task is basically to create a couple of PCs within a single PC. You could actually go ahead, just connect a different monitor, different keyboard mounts to both of them, and there could be two people gaming at the same time on the same machine. I've tried it. It works pretty well. The solution is using the regular stack that is available on Fedora for virtualization. QMU as the software and KVM as the implementation for hypervisor. And plus I use something called PCI stop or VFIO. They are very similar things. One of them is older. One of them is newer. One of them is included in the kernel. One isn't PCI stop is integrated in kernel. You can use it straight away and it's originally been made just to cut away PCI devices that don't work. You can also use it for cutting them from the system but then putting them into the virtual machine forwarding the physical address of the device into the virtual machine where it appears straight up as hardware. There are some issues. I'll get into it with the setup. And VFIO, VFIO have to load it. It's an independent kernel module and it's much more modern. It supports some things that PCI stop has problems with. It's better when you restart the virtual machine many times so the GPU does not get stuck as many times and it's a bit harder to set up because you have to install it, import it, tell the OS to load it but then it works pretty well too. Okay. The execution. As I said, I'll be at least talking about how have I set it up. It takes about two hours, three hours to do this so I'll just talk about it. I use Fedora at home so I installed Fedora 29. Then the best way to do the setup of all the software is just install the virtualization group. You get basically everything you need. And then in the group, I see I have not any one more thing. In the group you have to first tell the Intel IOMU that it should start working and then you have to add your PCI devices. That's the PCI stop IDs part and in this case I have put it, I've put here the code for NVIDIA devices. So when you have a PCI device, it has to report what it is. It does using a vendor ID and a product ID. That's what you enter over here. First part is the vendor ID. NVIDIA uses 10DE, Intel uses 8086 and I'm not too sure for AMD because I have not used it for a long time. And then the other part is product ID. For example, for a laptop I was trying to run this on and that would be 0FF6. And then you just close WIM and you update the system. That's probably the best way to make a new configuration file if you have system up to date. The other way to do it is to just push the group config by running the ask command. If you have an EFI system you have to push it into ETC group 2-EFI config otherwise you leave out the EFI part and then you restart the computer and you can start setting up the VM. The best way to do it or at least the way I do it is by using the vert manager GUI. You go, you create a new virtual machine. You select ISO and boom. You go next, next, next. And at the end you just have to check that you are running it with ODMF kernel. If you do that everything should be fine. You can install the system. Now the part where you pass the GPU through. I do it through GUI. I just go into add a device, a PCI device and I add a specific device. I think I could show that at the end if we have some time and that should work for most devices. Now NVIDIA has this really funny error. I don't know if you've heard about how many things NVIDIA does. For example, I mean, you have definitely heard line solos, right? They have some really, really funny things in their drivers. Specifically, they don't allow for the regular consumer GPUs so the GeForce cards to be used in any environment that includes virtualization. The driver can detect it and it just locks it. The way around that is by using a tool called a VERSH patcher. There are about four things you have to modify on the virtual machine. I don't remember them on the top of my head so I found a really good tool for it. You clone it off of GitHub and you just go VERSH patcher and then you put in the name of the VM and the fixer that you want to apply. And sometimes it works, sometimes it doesn't. If you use VFIO it should work because on the GPU there is always, it's VBIOS, it's memory. With VFIO that memory gets forwarded into the virtual machine so that virtual machine can boot the GPU up. Sadly, with PCIe stuff that does not happen and you have to go around the internet, find the original file, download it and then using VERSH edit you have to edit the virtual machine and you have to put the ROM file in there. Once you do that, it usually works. Now let's talk performance because as I said, I want a workstation, not a slow machine. I have made a Google document and I ran through a lot of regular benchmarks. I'm just going to pull it up. There we go. And here you can see I'll start with Cinebench. For those of you who don't know, come on, where is it? Okay, that's weird. Well, I've had here results for Cinebench. They are not here anymore. I don't know why. I'll show how it runs because I have connected to my computer at home to the virtual machine itself. So this is Cinebench. For those of you who don't know, probably a lot of you won't. This is a benchmark which is used for measuring how fast is your computer during 3D. So I'll run it. You can see the current score it probably won't finish during the next 10 minutes. So I will just show you the score right now. It's 365 points. You can remember it. I'll run it. And when you run the same benchmark on the hardware itself, you get around 440 points. So in this case, you lose about 20 to 25% of performance. The reason is, behind in the background, there is a computer game sitting. I have it prepared as one of the demos. As I have not prepared the results for it, I'll run it live. I'll show you how it actually looks. The performance of the VM is pretty good. There, with the GPU, it gets a little bit more complicated. I'll just stop it for now. I said here, in this case, we lose about 20% of performance. In the game I want to try, we should be able to get 60 FPS on Full HD. If you give me a second, I'll launch the benchmark. There we go. You can see this is actually running at home and streamed over the internet here to my laptop. And then I am showing it to you. So this is a full-on game. It requires basically the most of a modern computer. And it runs in a virtual VM just fine. So you can play computer games in a virtualized environment. The reason for why it's stuttering right now is because it's getting transferred over the network. But if I show you the results, it will say that they are stable 60 FPS. To make the demo a bit better, so that you can see that it is actually smooth on the machine at home, I will try pulling it out of full screen. You'll see where that works for us. The mouse is back. It looks a bit better. As you can see, the bottleneck actually is just the streaming. At home, when I play games straight in front of the virtual machine, I can full-on enjoy the game with its 60 FPS in full glory in basically the highest details there are. Now, there is a bottleneck. I will get to this bottleneck very soon. But a little hint, which you'll be able to see very quickly, is you can see the CPU is pinned. I'm using 99% of my CPU, right? It does not seem right. Usually, the game on the machine itself consumes about 80% of the CPU and the whole GPU. The problem is the virtualization. When you pass the GPU through, you have to disable some of the... some of the extensions of the CPU. So some of its features cannot be used. One of them mainly is the so-called HPEG timer and anything that resembles a solid timer. Because that's a pretty good point on which NVIDIA can find out that you are indeed running a virtual machine. So you have to disable it. Then you also have to hide the fact that you are running a virtual machine through KVM. And that's mainly the reason for why I cannot use the full performance of the CPU. I'll go back to the benchmarks now because there is some pretty interesting stuff. So, you know what? This is just ridiculous. Why is this not loading? I could swear it was in there 15 minutes ago. There we go. So this is performance of an SSD that I'm passing through to the VM. I'm going to make it bigger for you because I see you can't read it. Okay, so, as you can see, some of the performance when you're reading is very similar, and some of the performance is completely different. Very specifically, when you do sequential read or write, you are going from left to right on the drive and boom in a straight line, right? It's not that hard, but when you're skipping a lot, the performance gets lost on the VM. It's because the drive gets passed through a so-called abstraction layer. So, when you have the drive in the system, the OS can go straight to it. In this case, the OS virtualized has to go through its controller, the virtualized one, and then it goes onto the OS that is running it and then on the controller physical and then it goes onto the drive. So, there are about five steps and that's why when you are asking a lot of different stuff around the drive, it takes a lot of time. Then I found out one other thing. I wanted to try out how fast is copying from RAM and to RAM within the virtual machine. So, I've run this really cool test called Cinebench and I've made a one gigabyte drive in RAM. It's so-called RAM disk, right? You just take a bit of your RAM and you define it a letter in Windows so you can access it. It should be very fast and in some cases it outperforms my SSD by a lot. And again, when you're reading sequentially, there are again no issues but what is kind of surprising for me when I was reading random values, the delay was not so bad. Obviously, because it is running for an abstraction layer, the performance is not going to be 100%. But it was surprising to me. It was not straight up like under 50%. So, this means that you can do most of the harder virtualized workloads even on a virtual machine like this. Then I tried so-called 3D Markfire Strike. This is a benchmark. It's a game benchmark. It's supposed to show mainly the graphics cards performance and you can see that the GPU, when you pass it through, only loses about 4% to 5% of its overall performance, which is pretty great. Sometimes there are obviously issues with it. For example, when I was running this benchmark, the 3D Mark benchmark, I've had several crashes. Windows just randomly restarted. There is an issue in Windows where when you run a certain instruction, it goes straight to the GPU and it asks some of the parts of BIOS on motherboard which obviously in the VM are not available. And because of that, the whole VM crashes and also the performance of the host is really bad. And remember, I'm trying to use the host as one of the systems. So, the way around that is adding one more parameter. It is, I believe, KSRS Ignore. That's the name of the instruction and I just tell the kernel, ignore this instruction straight up. It lowers the performance by a bit but it's not that noticeable. So, that's the benchmarks and I wanted to do one more thing with this. I wanted to make it... Did I not put the slide in? I wanted to make it portable. There it is. So, there are... I mean, you've probably seen it, heard about it. There are laptops which include a couple of graphics cards. One of the graphics cards is the Intel one integrated into the CPU and one of them is the dedicated GPU from NVIDIA. It's called NVIDIA Optimus. Now, I tried to do this. I tried to do the same procedure as with my workstation. You know, cut the GPU, put it into the VM and you'll see what happens. Again, I had to find a ROM file. There is a big issue with the ROM files. Because you are booting the virtual machine over EFI, the ROM file has to include EFI-capable VBIOS. It turns out that NVIDIA did patch only Maxwell cards and then they obviously published new Pascal cards which supported really well. But for any older graphics card you cannot find any EFI-VBIOS. So, I asked Red Hat whether they could lend me a workstation to write laptops and I could show you actually switching between Linux and Windows on the same machine. But it turns out the Quadro in there is just a single generation too old. It happens. It turns out that in order for this you have to run a Maxwell or a GPU and you still have to be kind of lucky because not all of the Maxwell cards do actually have this EFI-VBIOS. Once you have it, it's a very similar procedure with a single exception. You cannot hook up a display straight to the VM like I do with my workstation but you have to pass it through and access it remotely over the network. One of the best ways is which what I have demonstrated right here the RIMU desktop protocol it has some issues when you are trying to actually preview what is it doing but when you're doing the computing it's not that big of a deal. So, that's about it. Okay. Does anyone have any questions? I have kind of rushed it. It has not been a perfect explanation but interested in anything you can ask me. Okay. With the 3D applications it depends. If you are running a game and it requires to catch the mouse cursor it does not work at all because the mouse cursor gets passed through RDP as tablet not as a mouse. So, regular mouse sends to the computer move the cursor in this way this much. A tablet says move the cursor over here. That's why you cannot use the 3D applications in full screen mode but with 3D applications where it is compatible with this tablet mode I would call it it works pretty well. So, games through RDP are not really really usable but on the local machine it works really well. Okay. Any other questions? Okay. Yes. Yes. In my case as I showed I am using it as a daily thing I begin experimenting with this idea about a year ago. I first stumbled upon this. Yeah, I know. I first stumbled upon this idea on a channel called Level One Text. There is a guy called Wendell who is very interested in virtualization in modern hardware. He does a lot of research. He has, for example, found out why the 2990WX the new Fred Ripper is so slow on Windows and he has showed off this really cool technology. That's when it actually first hit me. The first step was to start using Linux. I've used Linux when I was in about fifth or sixth grade. I didn't like it. I went back to Windows and so the first thing was to actually learn to use Linux. So I installed it on the workstation and used it for a few weeks and then I finally went back to my point of making the virtualized workstation. I first tried just virtualization. By itself, the performance of the CPU side is good but without the graphics card right you cannot do basically anything intensive. You cannot watch a video. You cannot do anything. But as I was tweaking it I found out about the PCI device. I studied it. I passed it through and since that point on I am using the Windows workstation as a regular computer. Basically it looks like as if I had a couple of computers and I was just turning around between them, right? You basically in the daily workloads don't know this that it is actually a virtualized machine. So it works pretty well for me. To answer it completely perfectly I use it. It works and it's pretty quick. Okay, any other questions I see? I don't have a VR headset available sadly so I could not try it. If you know about somebody who will be interested in borrowing this to me I would love to try it out. I'm sad that I have not put there in the end a slight contact over here over here but I am sitting here on the Mozilla stand until I would say about 6pm so you can go there and talk straight to me. Okay, any other questions? Okay, I don't see any. So thanks for attention.