CN107463402A

CN107463402A - The operation method and device of virtual opetrating system

Info

Publication number: CN107463402A
Application number: CN201710640433.7A
Authority: CN
Inventors: 庄志伟
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd; Tencent Cloud Computing Beijing Co Ltd
Priority date: 2017-07-31
Filing date: 2017-07-31
Publication date: 2017-12-12
Anticipated expiration: 2037-07-31
Also published as: CN107463402B

Abstract

The invention discloses a kind of operation method of virtual opetrating system and device.Wherein, this method includes：The first instruction is received on the target device, and being run on target device has destination OS, and first instructs for indicating to run the first virtual opetrating system provided by the first system container in destination OS；In response to the first instruction, the first resource of the first virtual opetrating system distribution is retrieved as, first resource is including running the physical resource used in virtual opetrating system on target device；The target window of the first system container is shown on the system interface of destination OS, and display uses the system interface of the first virtual opetrating system of first resource operation in target window, the system kernel of first virtual opetrating system is the system kernel of destination OS, and the system drive of the first virtual opetrating system is the system drive of destination OS.The present invention solves the slower technical problem of startup of virtual machine in correlation technique.

Description

The operation method and device of virtual opetrating system

Technical field

The present invention relates to internet arena, in particular to the operation method and device of a kind of virtual opetrating system.

Background technology

Virtualization, refers to that by virtualization technology be more logical computers by a computer virtual.In a calculating Multiple logical computers are run simultaneously on machine, each logical computer can run different operating system, and application program is all It can run and be independent of each other in separate space, so as to significantly improve the operating efficiency of computer.Virtualization uses The method of software redefines division IT resources, it is possible to achieve the dynamically distributes of IT resources, flexible dispatching, cross-domain shared, raising IT resource utilizations, IT resources is really turned into social infrastructure, serve application flexible and changeable in all trades and professions Demand.

In the related art, the implementation of virtualization is as shown in figure 1, first in the hardware and software resource of Host main frames Different CPU (such as X86, PPC, SPARC) is fictionalized using QEMU on (system resource that such as main frame carries, hardware resource) Deng hardware device, then different driving Drivers and different systems are used (such as in the virtual different hardware equipments of QEMU Linux, Windows etc.), then user is transported using management software as such as KVM, VMWare in the system fictionalized The application program of row user oneself, operation file (install or be stored in user's space).

In the related art, there are the following problems：System starts slow, it is necessary to consume the long period.

Because in the scheme of correlation technique, needed before activation system first with the hardware devices such as QEMU virtual cpus, Ran Houcai Can activation system.And whole QEMU virtual process needs virtual phy CPU, disk, graphic processing apparatus, network equipment etc. to set It is standby., it is necessary to which the virtualization provided using CPU supports that VT-X (is that intel is used during whole virtual hardware equipment An instruction set in Virtualization virtualization technologies) created for Guest OS (i.e. passenger plane or virtual machine) at virtualization Device is managed, is used kvm (being Kernel-based Virtual Machine abbreviation, be the system virtualization an increased income module) Host memory is virtualized into the address of independent virtualization internal memory, I/O request is intercepted by QEMU, to complete to hardware device Virtualization, whole process is than for the physical equipment for directly using Host main frames, it appears extremely slowly, has dragged slowly opening for system The dynamic time.

And because existing system needs to fictionalize different hardware devices, so the hardware fictionalized is empty corresponding to operation When intending operating system, also need to start a set of driver of oneself in each virtual opetrating system, reduce further startup Efficiency.

For the slower technical problem of startup of virtual machine in correlation technique, effective solution is not yet proposed at present.

The content of the invention

The embodiments of the invention provide a kind of operation method of virtual opetrating system and device, at least to solve correlation technique Middle virtual machine starts slower technical problem.

One side according to embodiments of the present invention, there is provided a kind of operation method of virtual opetrating system, the operation side Method includes：The first instruction is received on the target device, wherein, being run on target device has destination OS, the first instruction For indicating to run the first virtual opetrating system provided by the first system container in destination OS；Refer in response to first Order, the first resource of the first virtual opetrating system distribution is retrieved as, wherein, first resource, which includes operation virtual opetrating system, to be made Physical resource on target device；The target of the first system container is shown on the system interface of destination OS Window, and display uses the system interface of the first virtual opetrating system of first resource operation in target window, wherein, first The system kernel of virtual opetrating system is the system kernel of destination OS, and the system drive of the first virtual opetrating system is mesh Mark the system drive of operating system.

Another aspect according to embodiments of the present invention, additionally provide a kind of running gear of virtual opetrating system, the operation Device includes：Receiving unit, for receiving the first instruction on the target device, wherein, being run on target device has target behaviour Make system, first instructs for indicating to run the first pseudo operation system provided by the first system container in destination OS System；Response unit, for being instructed in response to first, the first resource of the first virtual opetrating system distribution is retrieved as, wherein, first Resource includes the physical resource on target device used in operation virtual opetrating system；Display unit, in target The target window of the first system container is shown on the system interface of operating system, and display uses first resource in target window The system interface of first virtual opetrating system of operation, wherein, the system kernel of the first virtual opetrating system is object run system The system kernel of system, the system drive of the first virtual opetrating system are the system drive of destination OS.

In embodiments of the present invention, when receiving the first instruction on the target device, it is retrieved as the first virtual opetrating system The first resource of distribution, the target window of the first system container is shown on the system interface of destination OS, and in target The system interface for the first virtual opetrating system (i.e. virtual machine) that display is run using first resource, the first pseudo operation in window System directly invokes the system kernel of destination OS, and directly invokes the system drive of destination OS to run, can To solve the slower technical problem of the startup of virtual machine in correlation technique, and then improve the skill of the toggle speed of virtual machine Art effect.

Brief description of the drawings

Accompanying drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, this hair Bright schematic description and description is used to explain the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings：

Fig. 1 is a kind of schematic diagram of optional dummy machine system in correlation technique；

Fig. 2 is the schematic diagram of the hardware environment of the operation method of virtual opetrating system according to embodiments of the present invention；

Fig. 3 is a kind of flow chart of the operation method of optional virtual opetrating system according to embodiments of the present invention；

Fig. 4 is a kind of schematic diagram of optional dummy machine system according to embodiments of the present invention；

Fig. 5 is a kind of schematic diagram of optional kernel compiling option according to embodiments of the present invention；

Fig. 6 is a kind of schematic diagram of the running gear of optional virtual opetrating system according to embodiments of the present invention；

Fig. 7 is a kind of schematic diagram of the running gear of optional virtual opetrating system according to embodiments of the present invention；And

Fig. 8 is a kind of structured flowchart of terminal according to embodiments of the present invention.

Embodiment

In order that those skilled in the art more fully understand the present invention program, below in conjunction with the embodiment of the present invention Accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is only The embodiment of a part of the invention, rather than whole embodiments.Based on the embodiment in the present invention, ordinary skill people The every other embodiment that member is obtained under the premise of creative work is not made, it should all belong to the model that the present invention protects Enclose.

It should be noted that term " first " in description and claims of this specification and above-mentioned accompanying drawing, " Two " etc. be for distinguishing similar object, without for describing specific order or precedence.It should be appreciated that so use Data can exchange in the appropriate case, so as to embodiments of the invention described herein can with except illustrating herein or Order beyond those of description is implemented.In addition, term " comprising " and " having " and their any deformation, it is intended that cover Cover it is non-exclusive include, be not necessarily limited to for example, containing the process of series of steps or unit, method, system, product or equipment Those steps or unit clearly listed, but may include not list clearly or for these processes, method, product Or the intrinsic other steps of equipment or unit.

First, the part noun or term occurred during the embodiment of the present invention is described is applied to as follows Explain：

CGroup:Cgroups is control groups abbreviation, is that one kind that linux kernel provides can be limited, remembered Physical resource used in record, isolated process group (process groups) is (such as：CPU, memory, IO etc.) mechanism.

NameSpace：NameSpace is to be used for realizing the mechanism that software resource is isolated, isolation processing master in linux kernel Machine name and domain name, mount point (file resource), process numbering, information content, message queue, shared drive, the network equipment, port net The virtualizations such as network stack need the software resource created.

Virtualization：Refer to that by virtualization technology be more logical computers by a computer virtual.In a calculating Multiple logical computers are run simultaneously on machine, each logical computer can run different operating system, and application program is all It can run and be independent of each other in separate space, so as to significantly improve the operating efficiency of computer.Specifically can be one Operating system code using modification and driving in individual physical equipment, it is soft that realization fictionalizes single or multiple hardware resource sharings Part resource, and the technology of operating system that is mutually isolated and mutually switching.

LXC containers：LXC is writing a Chinese character in simplified form for Linux Container.The virtualization of lightweight can be provided, so as to isolate into Journey and resource, and instruction explanation facility and other fully virtualized complexity need not be provided.Equivalent in C++ NameSpace.Resource by single operating management is effectively divided into isolated group by container, with preferably isolated Group between balance have the resource use demand of conflict.

Host:The android equipment that physical resource and software resource are provided for respective fictional container is either virtual Android equipment.

QEMU：It is a set of analog processor with GPL license distribution source codes write, makes on GNU/Linux platforms With extensive.

busybox：It is the software for being integrated with more than 100 the most frequently used Linux command and instrument.

PID：Full name is Process Identification, fingering journey identifier in operating system, that is, process mark Know symbol.A program is often opened in operating system can all create a process ID, i.e. PID.

Adb：Full name is Android Debug Bridge, plays a part of debugging bridge.By adb instruments, can manage The state of equipment or mobile phone simulator, many mobile phone operations can also be carried out, software, system upgrade, operation shell lives are such as installed Order etc..

Embodiment 1

According to embodiments of the present invention, there is provided a kind of embodiment of the method for the operation method of virtual opetrating system.

Alternatively, in the present embodiment, the operation method of above-mentioned virtual opetrating system can apply to it is as shown in Figure 2 by In the hardware environment that server 202 and terminal 204 are formed.As shown in Fig. 2 server 202 is carried out by network and terminal 204 Connection, above-mentioned network include but is not limited to：Wide area network, Metropolitan Area Network (MAN) or LAN, terminal 204 are not limited to PC, mobile phone, flat board Computer etc..The operation method of the virtual opetrating system of the embodiment of the present invention can be performed by server 202, can also be by terminal 204 perform, and can also be and are performed jointly by server 202 and terminal 204.Wherein, terminal 204 performs the embodiment of the present invention The operation method of virtual opetrating system can also be performed by client mounted thereto.

Fig. 3 is a kind of flow chart of the operation method of optional virtual opetrating system according to embodiments of the present invention, such as Fig. 3 Shown, this method may comprise steps of：

Step S302, the first instruction is received on the target device, being run on target device has destination OS, and first Instruct for indicating to run the first virtual opetrating system provided by the first system container in destination OS.

Above-mentioned target device runs system (namely the object run system for kernel with linux kernel (or Unix kernels) System), the system run includes but is not limited to Linux, Ubuntu, Android, and the type of the target device includes but not office It is limited to mobile device, terminal PC, server；One or more system container are installed, each in destination OS System container is used to provide a virtual opetrating system, and the virtual opetrating system that any two system container is provided can be with identical It is or different.

When target device is mobile device or PC, by providing system container in mobile device or PC (equivalent to void Intend operating system), facilitate user to use mobile device or PC in the safe mode, i.e., each user is only capable of entering corresponding system appearance The virtual opetrating system that device is provided, and system container used in multiple users is separate, physical isolation, will not mutual shadow Ring, the security of information in mobile device or PC can be improved.

When target device is server, server can provide several system container by the form of cloud service, often Individual user can use the system container of oneself by internet, and on the one hand can reduce user local terminal cost (only needs one Networked devices can enter the virtual system of oneself), and do not have to frequent updating apparatus；On the other hand the peace of information can be improved Full property (due to used system container independently of each other, physical isolation).

Step S304, in response to the first instruction, it is retrieved as the first resource that the first virtual opetrating system is distributed, first resource Including the physical resource used in operation virtual opetrating system on target device.

In correlation technique, for different virtual opetrating systems, the physical resources such as shared CPU, internal memory be present, from And information when one of virtual opetrating system operation be present is known (as being present in shared drive by other operating systems Information) possibility, so as to have impact on the security of virtual opetrating system.

For any two system container (equivalent to two virtual opetrating systems) of the application, that is distributed is used to run Or the physical resource of bearing system container is isolated independently of each other, cpu resource as used, memory source etc. differ, so as to The information in virtual opetrating system running can be avoided to be known by other virtual opetrating systems, improve virtual opetrating system fortune Capable security.

Step S306, the target window of the first system container is shown on the system interface of destination OS, and in mesh The system interface of the first virtual opetrating system that display is run using first resource in window is marked, the first virtual opetrating system is System kernel is the system kernel of destination OS, and the system drive of the first virtual opetrating system is the system of destination OS Driving.

In the related art, system starts slow, it is necessary to which the reason for consuming the long period mainly includes following two aspects： (1) needed before activation system first with hardware devices such as QEMU virtual cpus, then could activation system；(2) independence and nothing are driven Method is shared, and existing system needs to fictionalize different hardware devices, even if fictionalizing identical hardware, each virtual opetrating system It is required for running a set of driver of oneself during startup.

In addition, in the related art, there also have that technical costs is high, the bit error rate is high, transmission speed is slow, security is poor etc. to be similar Problem, bad the defects of waiting is experienced for personal user.

For the virtual opetrating system run in destination OS, directly utilize in the system in destination OS Core and system drive are run, and are set without fictionalizing physical layer CPU, disk, graphics process for each virtual opetrating system The standby, network equipment, internal memory, driving, system kernel etc., only need to establish corresponding system process when virtual opetrating system starts, Associative directory (such as root) is initialized, and system kernel in invocation target operating system and system drive are run i.e. Can, and it is started without physical layer CPU, disk, graphic processing apparatus, the network equipment, internal memory, driving, the system kernel fictionalized Deng.So as to solve the problems, such as in correlation technique, reach the effect for the starting efficiency for improving virtual system.

Alternatively, for each system container, a user can be belonged to and (user is such as supplied in the form of cloud service Using), can be according to the system of user's instruction when user needs to upgrade the virtual opetrating system that system container provides The virtual opetrating system that version is provided system container upgrades.

It is advantageous in that using above-mentioned upgrading mode, user can be with the Telnet terminal, and does not have to upgrading local device, right There is no any influence in user.And the consumption of customer upgrade equipment (such as mobile phone, flat board) can be reduced, while be by newest Command the experience best to user.

By above-mentioned steps S302 to step S306, when receiving the first instruction on the target device, it is empty to be retrieved as first Intend the first resource of operating system distribution, the target window of the first system container is shown on the system interface of destination OS Mouthful, and display uses the system interface of the first virtual opetrating system (i.e. virtual machine) of first resource operation in target window, First virtual opetrating system directly invokes the system kernel of destination OS, and the system for directly invoking destination OS is driven Move to run, can solve the slower technical problem of the startup of virtual machine in correlation technique, and then improve virtual machine The technique effect of toggle speed.

(1) system container and its running environment are created

The application has used the linux system kernel of Host main frames (i.e. target device), is driven using Host Drivers It is dynamic, in order that the compatibility for obtaining host driven is more preferable, partial code modification can be carried out in driving, uses LXC instrument (i.e. mesh Mark instrument) as the startup and management tool for virtualizing container, to start multiple mutually isolated containers on Host, to provide Used to user, for the ease of description, follow-up target device illustrates by taking Android main frames as an example, as shown in Figure 4：

The kernel version that Android is used is changed on the Host Android main frames that repairing is corrected one's mistakes, uses linux kernel CGroups and NameSpace functions support the virtualization of the virtualization of hardware and software resource.Use NameSpace and PID The isolation of software resource is completed, and starts a launching process for each container using LXC instruments (LXC Tools) and creates NameSpace (i.e. NameSpace) and corresponding CGroup (process of packetizing management), and (namely be according to LXC containers Unite container) in configuration file (i.e. config files) in parameter carry out initial configuration (as configuration correlation virtual hardware Parameter), then after software and hardware resource is ready to complete, process calls " init.rc " (system initialization configuration file) to come Start initialization and start virtual operating system.

From the above, it is seen that during system container and its running environment is created, mainly including following several Individual part：

1) modification to Host android systems to the code of Android source codes and kernel, it is necessary to modify；

2) LXC instruments need to be transplanted to android system by cross compile, allow LXC instruments in android system Middle operation；

3) busybox instruments are added for Host android systems, addition android system is lacked using LXC instruments Instruction and application；

4) the LXC containers that extracting and making can use in android system (include the phase of system startup optimization needs Close file and LXC configuration file)；

5) modification addition kernel-driven code and related management code are used for the operating system of switching virtual.

(1) on the modification to Host android systems

In order in Host android systems use LXC tools, it is necessary to system kernel support CGroup and NameSpace, while need modification Android source codes to get rid of and PIE is limited.

In order to start CGroup the and NameSpace functions of Android linux kernels, it is necessary to change Android The compiling configuration of linux kernel, shown in a kind of optional new plus config option code below：

Such as NameSpace functions：

CONFIG_NAMESPACES=y

CONFIG_IPC_NS=y

Above-mentioned " CONFIG_NAMESPACES=y " is equivalent to unlatching NameSpace functions, " CONFIG_IPC_NS=y " Equivalent to unlatching IPC functions.

For CGroup functions：

CONFIG_CGROUPS=y

CONFIG_CPUSETS=y

Above-mentioned " CONFIG_CGROUPS=y " equivalent to open CGroup functions, " CONFIG_CPUSETS=y " equivalent to Allow to set CPU.

Alternatively, in order that the version, it is necessary to according to Android linux kernels is more stablized in the operation for obtaining linux kernel The version of the LXC instruments of this selection matching.

When changing Android source codes to remove the limitation to PIE, it is also necessary to change " linker.cpp " and (be used to perform The link work of Android dynamic base), comment out or delete the code related to PIE.

(2) cross compile on LXC instruments is transplanted

Destination OS system kernel not include target tool in the case of, receive the second instruction (namely The instruction of cross compile and transplanting is carried out to LXC instruments) when, target tool is passed through into cross compile according to the instruction of the second instruction After be attached in destination OS, be used to distribute for different system container added to the target tool in destination OS Mutually isolated physical resource.

In order to realize the cross compile to LXC instruments, " this crossstool of android ndk ", configuration can be used Corresponding cross compile parameter arch and corresponding compiler gcc configuration, while also need to compile a kind of libcap (Linux Packet capture kit under environment), (replacement is added to " lxc/lib " associated documents for adding and replacing in LXC instruments In, because lxc acquiescences are to run under Ubuntu systems rather than write for the linux environment of mobile version, by lxc Need to add lxc in mobile edition linux in migration process to use, but without libcap storehouses, so needing to add replacement). Because the configuration file in android system is not config culture, but the compressed file bag of one " config.gz ", because This changes the detection script supported in LXC instruments system kernel after cross compile success.

(3) on adding busybox instruments

In the case where the system kernel of destination OS does not include instruction set, (can be somebody's turn to do receiving the 3rd instruction The instruction of busybox instruments is added in instruction) when, instruction set is added to destination OS according to the instruction of the 3rd instruction In, it is used to provide the finger needed for the target tool used in destination OS added to the instruction set in destination OS Order.

Above-mentioned instruction set is what is provided by busybox instruments.

For Android main frames, the busybox instruments of corresponding version can be downloaded, use adb tool links to Host Android system, and busybox is deposited into Host Android memory space and then decompressed installation busybox, with Add the instruction that the LXC instruments operation of Host android systems missing needs.

(4) on extracting and making android system container

After instruction set is added in destination OS according to the instruction of the 3rd instruction, the 4th finger is being received When making and (being used to extracting or making the instruction of android system container), according to the instruction operational objective instrument of the 4th instruction, with The configuration file of the first system container and the first system container is created, instruction set includes the 4th instruction, and configuration file is used to match somebody with somebody It is set to the physical resource of the first system container allocation and the file directory for the first system container allocation.

Above-mentioned LXC operating systems container includes the file (such as the first file directory) and one of 1 entitled " rootfs " The individual config configuration file related to LXC, rootfs files include system and start the associated documents needed and catalogue, certainly If the shared correlation used in Host android systems of the mode of carry can be used using android system partial list Catalogue, config configuration files need to configure the LXC such as " lxc.net " relevant configuration, and rootfs folder contents can be from Using adb instructions extraction and compression correspondence system file generated in Android system, it can also use and be added in config configurations LXC instruments virtualize the start-up course Hook scripts of container, and Hook script carries Host is called before LXC instrument start-ups Android system completes the generation of rootfs associative directory and file.

(5) kernel-driven code is added on modification

" drivers/staging/android/.drivers/rtc/ " and " drivers/staging/ can be changed File under the catalogues such as android/ ", configured with adding compiling corresponding with Codes Revised, so as to complete new driving compiling.

Fig. 5 is compiled for modification kernel and put LXC instruments after cross compile LXC instruments after option and Host Android source codes Enter Host Android memory spaces, for Host Android installations busybox instruction support after, operation it is amended LXC instruments kernel supports the operation result of detection script.

The lxc-checkconfig files carried after the completion of the detection script formula lxc projects compiling used, run this pin This can previously mentioned config.gz files in lookup system, and whether detect the part kernel setup code wherein changed Effectively, so as to detecting the virtualization running environment needed for lxc.State such as on Namespace, Namespace functions, PID Function, User namespace (i.e. user's control) are activated (i.e. enabled)；On Cgroup state, Cgroup functions, Cgroup device (equipment related to Cgroup), Cgroup CPU account (CPU controls account number) function are activated.

In the technical scheme of the application, it is proposed that a kind of Android system virtual method of lightweight, can be used for The virtualization of multiple Android systems of physics android machines, improves virtualization efficiency, and it is hard to lift physics to greatest extent The utilization rate of part, it can be used for fictionalizing the other virtual system of multiple lightweights in virtual Android system, make virtual unit Quantity is largely lifted, the virtual demand of a large amount of Android systems on server.

(2) runtime container

In the technical scheme that step S304 is provided, being retrieved as the first resource of the first virtual opetrating system distribution includes： Obtain by the first resource that the system kernel of destination OS is the distribution of the first virtual opetrating system, first resource and by target The system kernel of operating system is that the Secondary resource of the second virtual opetrating system distribution is different, is also run in destination OS There is the second virtual opetrating system provided by second system container, Secondary resource includes the second virtual opetrating system of operation and used Target device on physical resource.

LXC operating systems container includes the file (such as the first file directory) and one and LXC of 1 entitled " rootfs " Related config configuration files, it can determine that the target tool (such as LXC) in system kernel is virtual for first according to configuration file The internal memory of operating system distribution, the resource such as CPU, GPU, and the first virtual opetrating system is run (as virtual using these resources Android operation system), when distributing hardware resource for different system container, the resource of distribution is different, with ensure system it Between there is good isolation, ensure the security of system operation.

In the technical scheme that step S306 is provided, the process of the first virtual opetrating system is being run using first resource In, the root using the first file directory as the first virtual opetrating system, wherein, the first file directory is destination OS System kernel be in advance the distribution of the first virtual opetrating system, the root of the first virtual opetrating system is used to preserving first empty Intend the file needed for operating system；The first process is run on first resource, the first process is the first virtual opetrating system System process, the first process be used for the file under the first file directory is handled, the first process is different from the second process, Second process is the system process of the second virtual opetrating system, and also operation has and carried by second system container in destination OS The second virtual opetrating system supplied.

LXC operating systems container includes the file (such as the first file directory) and one and LXC of 1 entitled " rootfs " Related config configuration files, are for system container, and it is not to provide a complete computer system, equivalent to An application runtime environment (rootfs catalogues) is provided, and provides a series of operating mechanism (by config configuration files Realize), it is on the basis of main frame common drive and kernel, each using independent hardware resource, and independent operating is respective Process, it does not interfere with each other between process.

Specifically, the kernel version that Android is used is changed on the Host Android main frames that repairing is corrected one's mistakes, is used CGroups the and NameSpace functions of linux kernel support the virtualization of the virtualization of hardware and software resource.Use NameSpace and PID completes the isolation of software resource, and the use of LXC instruments (LXC Tools) is that each container startup one is opened Dynamic process simultaneously creates NameSpace (i.e. NameSpace) and corresponding CGroup (process of packetizing management).

Alternatively, the container file of the different operating system made using changing in advance, storage Host after the modification In memory space, then start the purposes of multiple virtual opetrating systems using virtualization technology to realize, user can be multiple Switch in system, and independent different or identical isolation of system the application programs of operation.

For each system container, application program can be installed, the application program between system container due in Different roots, and process, CPU, the memory source difference of the data of application program are handled, so application program will not be caused Leaking data, ensure that the data safety of application program.

In this embodiment, android equipment (namely target device) can be directed to, by changing Android system kernel, Android system source code, cross compile and transplanting LXC, change android equipment associated drives, to realize in an android The purpose of one or more identical or different operating system container is fictionalized in equipment.For example, in android equipment Run 2 either multiple identical or different editions Android system containers, or in android equipment of different editions Middle operation busybox, or ubuntu system container.On startup, driving and hardware of all containers using main frame Resource, it is not necessary to the simulation of hardware resource is carried out, without corresponding hardware driving is loaded, so as to improve the effect of startup Rate.

In the above-described embodiments, only it is illustrated so that target device is Android device as an example, actually target device is also It can be the computer equipments such as desktop computer, server, as a kind of optional embodiment, enter below by taking Linux server as an example Row explanation：

Step S11, add LXC instruments.

According to the LXC instruments of the corresponding version of version selection of linux kernel in Linux server, and LXC instruments are passed through The mode of cross compile is added in Linux server.

Step S12, increase command history.

The command history (such as busybox) of corresponding version is selected according to the version of LXC instruments, then will using adb instruments It is installed on server.

Step S13, extraction system container.

Its root and corresponding configuration file are defined for each container, so as to generate corresponding system container, in order that With the linux kernel of host server, the virtual opetrating system in the system container needs to support the linux kernel, virtual behaviour It can be Android, Linux, Ubuntu etc. to make system.

Step S14, runtime container.

User can be by the one's own system container of Linux server application, and the computer for passing through oneself in distal end Log in and use this system container, entered by inputting the information such as username and password in the system, and install using journey Sequence, the application program All Files of installation can be stored in the root of the virtual opetrating system, avoid by remaining user or Person's operating system utilizes.

It should be noted that the file that (SuSE) Linux OS container includes 1 entitled formulation (corresponds to hereinbefore " rootfs ") an and config configuration file related to LXC, system container is for, it is equivalent to providing one Using operation directory context, and a series of operating mechanism (being realized by config configuration files) is provided, be that main frame shares On the basis of driving and kernel, each using independent hardware resource, and the respective process of independent operating, do not done mutually between process Disturb.So that it is mutually isolated between each virtual machine, it is independent of each other.

Alternatively, for foregoing LXC instruments, it can also be substituted using Docker instruments, realize the operation in system System it is virtual.

In the technical scheme of the application, simulated without virtualization hardware equipment and associated drives, significantly lifting is virtual The toggle speed of system.Isolation is completed using NameSpace and PID, carry function can be used to share Host Android's Associated documents and software resource, while the related hardware that directly can be carried using Host Android kernels is driven, and is reduced The operation consumption of virtual system.

It should be noted that for foregoing each method embodiment, in order to be briefly described, therefore it is all expressed as a series of Combination of actions, but those skilled in the art should know, the present invention is not limited by described sequence of movement because According to the present invention, some steps can use other orders or carry out simultaneously.Secondly, those skilled in the art should also know Know, embodiment described in this description belongs to preferred embodiment, and involved action and module are not necessarily of the invention It is necessary.

Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation The method of example can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but a lot In the case of the former be more preferably embodiment.Based on such understanding, technical scheme is substantially in other words to existing The part that technology contributes can be embodied in the form of software product, and the computer software product is stored in a storage In medium (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone, calculate Machine, server, or network equipment etc.) perform method described in each embodiment of the present invention.

Embodiment 2

According to embodiments of the present invention, a kind of the virtual of operation method for being used to implement above-mentioned virtual opetrating system is additionally provided The running gear of operating system.Fig. 6 is a kind of running gear of optional virtual opetrating system according to embodiments of the present invention Schematic diagram, as shown in fig. 6, the device can include：Receiving unit 62, response unit 64 and display unit 66.

Receiving unit 62, for receiving the first instruction on the target device, being run on target device has object run system System, first instructs for indicating to run the first virtual opetrating system provided by the first system container in destination OS.

Response unit 64, for being instructed in response to first, the first resource of the first virtual opetrating system distribution is retrieved as, its In, first resource includes the physical resource on target device used in operation virtual opetrating system.

Display unit 66, for showing the target window of the first system container on the system interface of destination OS, And display uses the system interface of the first virtual opetrating system of first resource operation in target window, wherein, first is virtual The system kernel of operating system is the system kernel of destination OS, and the system drive of the first virtual opetrating system is grasped for target Make the system drive of system.

It should be noted that the receiving unit 62 in the embodiment can be used for performing the step in the embodiment of the present application 1 S302, the response unit 64 in the embodiment can be used for performing the step S304 in the embodiment of the present application 1, in the embodiment Display unit 66 can be used for performing the step S306 in the embodiment of the present application 1.

Herein it should be noted that above-mentioned module is identical with example and application scenarios that corresponding step is realized, but not It is limited to the disclosure of that of above-described embodiment 1.It should be noted that above-mentioned module as a part for device may operate in as It in hardware environment shown in Fig. 2, can be realized, can also be realized by hardware by software.

By above-mentioned module, when receiving the first instruction on the target device, the distribution of the first virtual opetrating system is retrieved as First resource, the target window of the first system container is shown on the system interface of destination OS, and in target window The system interface for the first virtual opetrating system (i.e. virtual machine) that middle display is run using first resource, the first virtual opetrating system The system kernel of destination OS is directly invoked, and directly invokes the system drive of destination OS to run, can be solved The slower technical problem of the startup of virtual machine in correlation technique of having determined, and then improve the technology effect of the toggle speed of virtual machine Fruit.

Alternatively, as shown in fig. 7, in order to realize the cross compile of target tool and transplanting, the device of the application can be with Including：Second processing unit 68, in the case of not including target tool in the system kernel of destination OS, receiving To during the second instruction, target tool is attached in the system kernel of destination OS according to the instruction of the second instruction, wherein, It is used to distribute mutually isolated thing for different system container added to the target tool in the system kernel of destination OS Manage resource.

Alternatively, in order to realize the instruction support to target tool, the device of the application can also include：3rd processing is single Member, in the case of not including instruction set in the system kernel of destination OS, when receiving the 3rd instruction, according to Instruction set is added in destination OS by the instruction of the 3rd instruction, wherein, added to the instruction in destination OS Gather for provide use destination OS in target tool needed for instruction.

Alternatively, the device of the application can also include：Creating unit, for that will be instructed in the instruction according to the 3rd instruction After set is added in destination OS, when receiving the 4th instruction, according to the instruction operational objective work of the 4th instruction Tool, to create the configuration file of the first system container and the first system container, wherein, instruction set includes the 4th instruction, configuration File is used for the physical resource for being configured to the first system container allocation and the file directory for the first system container allocation.

It is the first virtual opetrating system point that above-mentioned response unit, which is additionally operable to obtain by the system kernel of destination OS, The first resource matched somebody with somebody, wherein, first resource is the distribution of the second virtual opetrating system with the system kernel by destination OS Secondary resource is different, and also operation has the second virtual opetrating system provided by second system container in destination OS, the Two resources include the physical resource on target device used in the second virtual opetrating system of operation.

In an optional embodiment, the device of the application can also include：First processing units, for using During one resource runs the first virtual opetrating system, the root mesh using the first file directory as the first virtual opetrating system Record, wherein, the first file directory is that the system kernel of destination OS is what the first virtual opetrating system was distributed in advance, first The root of virtual opetrating system is used to preserve the file needed for the operation of the first virtual opetrating system；Running unit, for The first process is run in one resource, wherein, the first process be the first virtual opetrating system system process, the first process be used for pair File under first file directory is handled, and the first process is different from the second process, and the second process is the second pseudo operation system The system process of system, also operation has the second virtual opetrating system provided by second system container in destination OS.

In the above-described embodiments, only it is illustrated so that target device is Android device as an example, actually target device is also Can be the computer equipments such as desktop computer, server.

In said apparatus embodiment, involved unit or module are relative with the method and step in preceding method embodiment Should, for the unit or the specific implementation of module in device embodiment, refer to corresponding side in preceding method embodiment The embodiment of method step.It will not be repeated here.

Herein it should be noted that above-mentioned module is identical with example and application scenarios that corresponding step is realized, but not It is limited to the disclosure of that of above-described embodiment 1.It should be noted that above-mentioned module as a part for device may operate in as It in hardware environment shown in Fig. 2, can be realized, can also be realized by hardware by software, wherein, hardware environment includes network Environment.

Embodiment 3

According to embodiments of the present invention, a kind of service for being used to implement the operation method of above-mentioned virtual opetrating system is additionally provided Device or terminal (namely foregoing electronic installation).

Fig. 8 is a kind of structured flowchart of terminal according to embodiments of the present invention, as shown in figure 8, the terminal can include：One Individual or multiple (one is only shown in Fig. 8) processor 801, memory 803 and transmitting device 805 are (in above-mentioned embodiment Dispensing device), as shown in figure 8, the terminal can also include input-output equipment 807.

Wherein, memory 803 can be used for storage software program and module, such as the pseudo operation system in the embodiment of the present invention Programmed instruction/module corresponding to the operation method and device of system, processor 801 are stored in soft in memory 803 by operation Part program and module, so as to perform various function application and data processing, that is, realize the fortune of above-mentioned virtual opetrating system Row method.Memory 803 may include high speed random access memory, can also include nonvolatile memory, such as one or more Magnetic storage device, flash memory or other non-volatile solid state memories.In some instances, memory 803 can be wrapped further Network connection to terminal can be passed through relative to the remotely located memory of processor 801, these remote memories by including.Above-mentioned net The example of network includes but is not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.

Above-mentioned transmitting device 805 is used to data are received or sent via network, can be also used for processor with Data transfer between memory.Above-mentioned network instantiation may include cable network and wireless network.In an example, Transmitting device 805 includes a network adapter (Network Interface Controller, NIC), and it can pass through netting twine It is connected with other network equipments with router so as to be communicated with internet or LAN.In an example, transmission dress It is radio frequency (Radio Frequency, RF) module to put 805, and it is used to wirelessly be communicated with internet.

Wherein, specifically, memory 803 is used to store application program.

Processor 801 can call the application program that memory 803 stores by transmitting device 805, to perform following steps Suddenly：Receive the first instruction on the target device, wherein, on target device operation have a destination OS, first instructs and is used for Indicate to run the first virtual opetrating system provided by the first system container in destination OS；Instructed in response to first, The first resource of the first virtual opetrating system distribution is retrieved as, wherein, first resource includes operation virtual opetrating system and used The physical resource on the target device；The target window of the first system container is shown on the system interface of destination OS Mouthful, and display uses the system interface of the first virtual opetrating system of first resource operation in target window, wherein, first is empty The system kernel for intending operating system is the system kernel of destination OS, and the system drive of the first virtual opetrating system is target The system drive of operating system.

Processor 801 is additionally operable to perform following step：Root mesh using the first file directory as the first virtual opetrating system Record, wherein, the first file directory is that the system kernel of destination OS is what the first virtual opetrating system was distributed in advance, first The root of virtual opetrating system is used to preserve the file needed for the operation of the first virtual opetrating system；Is run on first resource One process, wherein, the first process is the system process of the first virtual opetrating system, and the first process is used under the first file directory File handled, the first process is different from the second process, and the second process is the system process of the second virtual opetrating system, Also operation has the second virtual opetrating system provided by second system container in destination OS.

Using the embodiment of the present invention, when receiving the first instruction on the target device, the first virtual opetrating system is retrieved as The first resource of distribution, the target window of the first system container is shown on the system interface of destination OS, and in target The system interface for the first virtual opetrating system (i.e. virtual machine) that display is run using first resource, the first pseudo operation in window System directly invokes the system kernel of destination OS, and directly invokes the system drive of destination OS to run, can To solve the slower technical problem of the startup of virtual machine in correlation technique, and then improve the skill of the toggle speed of virtual machine Art effect.

Alternatively, the specific example in the present embodiment may be referred to showing described in above-described embodiment 1 and embodiment 2 Example, the present embodiment will not be repeated here.

It will appreciated by the skilled person that the structure shown in Fig. 8 is only to illustrate, terminal can be smart mobile phone (such as Android phone, iOS mobile phones), tablet personal computer, palm PC and mobile internet device (Mobile Internet Devices, MID), the terminal device such as PAD.Fig. 8 it does not cause to limit to the structure of above-mentioned electronic installation.For example, terminal is also It may include than shown in Fig. 8 more either less components (such as network interface, display device etc.) or with shown in Fig. 8 Different configurations.

One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can To be completed by program come command terminal device-dependent hardware, the program can be stored in a computer-readable recording medium In, storage medium can include：Flash disk, read-only storage (Read-Only Memory, ROM), random access device (Random Access Memory, RAM), disk or CD etc..

Embodiment 4

Embodiments of the invention additionally provide a kind of storage medium.Alternatively, in the present embodiment, above-mentioned storage medium can For performing the program code of the operation method of virtual opetrating system.

Alternatively, in the present embodiment, above-mentioned storage medium can be located at multiple in the network shown in above-described embodiment On at least one network equipment in the network equipment.

Alternatively, in the present embodiment, storage medium is arranged to the program code that storage is used to perform following steps：

S21, the first instruction is received on the target device, wherein, being run on target device has destination OS, and first Instruct for indicating to run the first virtual opetrating system provided by the first system container in destination OS；

S22, in response to the first instruction, the first resource that the first virtual opetrating system is distributed is retrieved as, wherein, first resource Including the physical resource used in operation virtual opetrating system on target device；

S23, the target window of the first system container is shown on the system interface of destination OS, and in target window The system interface for the first virtual opetrating system that middle display is run using first resource, wherein, the first virtual opetrating system is System kernel is the system kernel of destination OS, and the system drive of the first virtual opetrating system is the system of destination OS Driving.

Alternatively, storage medium is also configured to the program code that storage is used to perform following steps：

S31, the root using the first file directory as the first virtual opetrating system, wherein, the first file directory is mesh The system kernel for marking operating system is in advance the distribution of the first virtual opetrating system, and the root of the first virtual opetrating system is used for Preserve the file needed for the operation of the first virtual opetrating system；

S32, the first process is run on first resource, wherein, the first process is entered for the system of the first virtual opetrating system Journey, the first process are used to handle the file under the first file directory, and the first process is different from the second process, the second process For the system process of the second virtual opetrating system, also operation has second provided by second system container in destination OS Virtual opetrating system.

Alternatively, in the present embodiment, above-mentioned storage medium can include but is not limited to：USB flash disk, read-only storage (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disc or CD etc. is various can be with the medium of store program codes.

The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.

If the integrated unit in above-described embodiment is realized in the form of SFU software functional unit and is used as independent product Sale or in use, the storage medium that above computer can be read can be stored in.Based on such understanding, skill of the invention The part or all or part of the technical scheme that art scheme substantially contributes to prior art in other words can be with soft The form of part product is embodied, and the computer software product is stored in storage medium, including some instructions are causing one Platform or multiple stage computers equipment (can be personal computer, server or network equipment etc.) perform each embodiment institute of the present invention State all or part of step of method.

In the above embodiment of the present invention, the description to each embodiment all emphasizes particularly on different fields, and does not have in some embodiment The part of detailed description, it may refer to the associated description of other embodiment.

In several embodiments provided herein, it should be understood that disclosed client, can be by others side Formula is realized.Wherein, device embodiment described above is only schematical, such as the division of the unit, and only one Kind of division of logic function, can there is an other dividing mode when actually realizing, for example, multiple units or component can combine or Another system is desirably integrated into, or some features can be ignored, or do not perform.It is another, it is shown or discussed it is mutual it Between coupling or direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some interfaces, unit or module Connect, can be electrical or other forms.

The unit illustrated as separating component can be or may not be physically separate, show as unit The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs 's.

In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list Member can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.

Described above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, under the premise without departing from the principles of the invention, some improvements and modifications can also be made, these improvements and modifications also should It is considered as protection scope of the present invention.

Claims

A kind of 1. operation method of virtual opetrating system, it is characterised in that including：

The first instruction is received on the target device, wherein, being run on the target device has destination OS, and described first Instruct for indicating to run the first virtual opetrating system provided by the first system container in the destination OS；

In response to the described first instruction, the first resource that first virtual opetrating system is distributed is retrieved as, wherein, described first Resource includes running the physical resource used in the virtual opetrating system on the target device；

The target window of the first system container is shown on the system interface of the destination OS, and in the target The system interface for first virtual opetrating system run using the first resource is shown in window, wherein, described first The system kernel of virtual opetrating system be the destination OS system kernel, the system of first virtual opetrating system It is driven to the system drive of the destination OS.
2. according to the method for claim 1, it is characterised in that be retrieved as the first of the first virtual opetrating system distribution Resource includes：

Obtain by the first resource that the system kernel of the destination OS is first virtual opetrating system distribution, Wherein, second money of the first resource with the system kernel by the destination OS for the distribution of the second virtual opetrating system Source is different, and also operation has second virtual opetrating system provided by second system container in the destination OS, The Secondary resource includes running the physical resource used in second virtual opetrating system on the target device.
3. method according to claim 1 or 2, it is characterised in that empty using first resource operation described first During intending operating system, methods described also includes：

Root using the first file directory as first virtual opetrating system, wherein, first file directory is institute The system kernel for stating destination OS is in advance first virtual opetrating system distribution, first virtual opetrating system Root be used to preserve the file needed for first virtual opetrating system operation；

The first process is run on the first resource, wherein, first process is for first virtual opetrating system System process, first process are used to handle the file under first file directory, and first process is different from Second process, second process are the system process of the second virtual opetrating system, are also run in the destination OS Second virtual opetrating system provided by second system container is provided.
4. method according to claim 1 or 2, it is characterised in that before first instruction is received, in the mesh The system kernel of operating system is marked not including in the case of target tool, methods described also includes：

When receiving the second instruction, the target tool is attached to the object run according to the instruction of the described second instruction In the system kernel of system, wherein, added to the target tool in the system kernel of the destination OS for being Different system container distributes mutually isolated physical resource.
5. method according to claim 1 or 2, it is characterised in that before first instruction is received, in the mesh The system kernel of operating system is marked not including in the case of instruction set, methods described also includes：

When receiving the 3rd instruction, the instruction set is added to the object run according to the instruction of the described 3rd instruction In system, wherein, it is used to provide added to the instruction set in the destination OS and uses the object run system The instruction needed for target tool in system.
6. according to the method for claim 5, it is characterised in that in the instruction according to the described 3rd instruction by the instruction set Close after being added in the destination OS, methods described also includes：

When receiving the 4th instruction, the target tool is run according to the instruction of the described 4th instruction, to create described first The configuration file of system container and the first system container, wherein, the instruction set includes the described 4th instruction, described to match somebody with somebody File is put for being configured to the physical resource of the first system container allocation and the file for the first system container allocation Catalogue.
7. method according to claim 1 or 2, it is characterised in that the system kernel of the destination OS is Linux Kernel, first virtual opetrating system are the operating system realized based on linux kernel.
A kind of 8. running gear of virtual opetrating system, it is characterised in that including：

Receiving unit, for receiving the first instruction on the target device, wherein, being run on the target device has object run System, described first instructs for indicating that operation is provided by the first system container in the destination OS first is virtual Operating system；

Response unit, for being instructed in response to described first, the first resource of the first virtual opetrating system distribution is retrieved as, Wherein, the first resource includes running the physics money on the target device used in the virtual opetrating system Source；

Display unit, for showing the target window of the first system container on the system interface of the destination OS Mouthful, and system circle that first virtual opetrating system run using the first resource is shown in the target window Face, wherein, the system kernel of first virtual opetrating system is the system kernel of the destination OS, and described first is empty The system drive for intending operating system is the system drive of the destination OS.
9. device according to claim 8, it is characterised in that the response unit is additionally operable to obtain by the object run The system kernel of system be first virtual opetrating system distribution the first resource, wherein, the first resource with by The system kernel of the destination OS is that the Secondary resource of the second virtual opetrating system distribution is different, in the object run Also operation has second virtual opetrating system provided by second system container in system, and the Secondary resource includes operation institute State the physical resource on the target device used in the second virtual opetrating system.
10. device according to claim 8 or claim 9, it is characterised in that described device also includes：

First processing units, for during first virtual opetrating system is run using the first resource, by the Root of one file directory as first virtual opetrating system, wherein, first file directory is grasped for the target The system kernel for making system is in advance first virtual opetrating system distribution, the root of first virtual opetrating system For preserving the file needed for the first virtual opetrating system operation；

Running unit, for running the first process on the first resource, wherein, first process is described first virtual The system process of operating system, first process are used to handle the file under first file directory, and described the One process is different from the second process, and second process is the system process of the second virtual opetrating system, in the object run Also operation has second virtual opetrating system provided by second system container in system.
11. device according to claim 8 or claim 9, it is characterised in that described device also includes：

Second processing unit, in the case of not including target tool in the system kernel of the destination OS, connecing When receiving the second instruction, the instruction according to the described second instruction is by what the target tool was attached to the destination OS In system kernel, wherein, added to the target tool in the system kernel of the destination OS for being for different The mutually isolated physical resource of container allocation of uniting.
12. device according to claim 8 or claim 9, it is characterised in that described device also includes：

3rd processing unit, in the case of not including instruction set in the system kernel of the destination OS, connecing When receiving the 3rd instruction, the instruction set is added in the destination OS according to the instruction of the described 3rd instruction, Wherein, it is used to provide the mesh with the destination OS added to the instruction set in the destination OS Instruction needed for mark instrument.
13. device according to claim 12, it is characterised in that described device also includes：

Creating unit, for the instruction set to be added into the destination OS in the instruction according to the described 3rd instruction In after, when receiving the 4th instruction, the target tool is run according to the instruction of the described 4th instruction, to create described the The configuration file of one system container and the first system container, wherein, the instruction set includes the described 4th instruction, described Configuration file is used for the physical resource for being configured to the first system container allocation and the text for the first system container allocation Part catalogue.
A kind of 14. storage medium, it is characterised in that the storage medium includes the program of storage, wherein, when described program is run Perform the method any one of the claim 1 to 7.
15. a kind of electronic installation, including memory, processor and it is stored on the memory and can transports on the processor Capable computer program, it is characterised in that the processor performs the claim 1 to 7 times by the computer program Method described in one.