Physical Server in AWS Datacenter

A physical server has limited resources. Multiple VMs (EC2 instances) share them.

┌──────────────────────────────────────────────────────────────────────┐
│  Physical Server                                                     │
│                                                                      │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐  │
│  │    CPU      │  │   Memory    │  │    Disk     │  │   Network   │  │
│  │  64 cores   │  │   512 GB    │  │    10 TB    │  │   100 Gbps  │  │
│  └─────────────┘  └─────────────┘  └─────────────┘  └─────────────┘  │
│                                                                      │
│  Hypervisor divides these among VMs                                  │
│                                                                      │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐  │
│  │ EC2 (VM1)   │  │ EC2 (VM2)   │  │ EC2 (VM3)   │  │ EC2 (VM4)   │  │
│  │ 2 vCPU      │  │ 4 vCPU      │  │ 8 vCPU      │  │ 2 vCPU      │  │
│  │ 8 GB RAM    │  │ 16 GB RAM   │  │ 32 GB RAM   │  │ 8 GB RAM    │  │
│  └─────────────┘  └─────────────┘  └─────────────┘  └─────────────┘  │
│                                                                      │
└──────────────────────────────────────────────────────────────────────┘

How Resources Are Shared

CPU: Time Sharing (Hypervisor Controls)

Physical cores are shared by time slicing. Hypervisor decides who runs when.

Physical Core 1 (one core, many VMs share it):

Time ──────────────────────────────────────────────────────────────────────►

│ VM1  │ VM2  │ VM1  │ VM3  │ VM2  │ VM1  │ VM4  │ VM1  │ VM2  │
│ 10ms │ 10ms │ 10ms │ 10ms │ 10ms │ 10ms │ 10ms │ 10ms │ 10ms │

Each VM gets short bursts. Switches happen so fast VMs don't notice.

Hypervisor counts every time slice → knows exact CPU usage per VM.

When a VM is idle, its OS executes the HLT (halt) instruction: “I have nothing to run.” The hypervisor gives that time to other VMs.

Memory: Block Allocation (VM Accesses Directly)

Hypervisor allocates memory block once, then VM accesses it directly without asking.

Physical Memory (512 GB):

┌──────────────────────────────────────────────────────────────────────────┐
│ 0GB        64GB       128GB      192GB      256GB      320GB      512GB  │
│ ├──────────┼──────────┼──────────┼──────────┼──────────┼────────────┤    │
│ │   VM1    │   VM2    │   VM3    │          VM4        │   (free)   │    │
│ │   8GB    │   16GB   │   32GB   │          64GB       │            │    │
│ └──────────┴──────────┴──────────┴─────────────────────┴────────────┘    │
└──────────────────────────────────────────────────────────────────────────┘

Hypervisor: "VM1 gets addresses 0x0000-0x0800"
VM1 reads/writes directly to that range. Hypervisor doesn't watch.

Hypervisor doesn’t know what’s inside → can’t see memory utilization.

Disk: Similar to Memory

Hypervisor provides raw disk space. OS inside VM manages filesystem.

Hypervisor: "VM1 gets 100GB disk"

Inside VM1 (only OS knows):
  /home: 30GB used
  /var/log: 10GB used
  Free: 60GB
  Disk utilization: 40%

Hypervisor sees: "VM1 has 100GB allocated" (not how it's used)

Network: All Traffic Through Hypervisor

Every packet goes through hypervisor’s virtual network switch.

VM1 sends packet → Hypervisor → Physical NIC → Internet
                      │
              Hypervisor counts
              every byte in/out

Hypervisor sees all traffic → knows exact network usage.

Summary: Why Hypervisor Can/Cannot See

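┌────────────┬──────────────────┬──────────────────────────────────────────┬────────────┐
│ Resource   │ How Shared       │ Hypervisor Role                          │ Visibility │
├────────────┼──────────────────┼──────────────────────────────────────────┼────────────┤
│ CPU        │ Time slicing     │ Schedules every time slice               │ ✅ Full    │
│ Network    │ Virtual switch   │ Routes every packet                      │ ✅ Full    │
│ Disk I/O   │ Pass-through     │ Handles every read/write request         │ ✅ Full    │
│ Memory     │ Block allocation │ Allocates once, VM accesses directly     │ ❌ None    │
│ Disk space │ Block allocation │ Provides raw disk, OS manages filesystem │ ❌ None    │
└────────────┴──────────────────┴──────────────────────────────────────────┴────────────┘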

The CloudWatch Agent fills this gap: it runs inside the VM, reads memory and disk usage from the OS, and publishes them to CloudWatch as custom metrics.
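
What an in-guest collector has to do, as an added example (not code from this page or from the AWS agent): read the two values only the OS knows and shape them as custom metric data points. The used-memory formula, the metric names, the sample /proc/meminfo text and the "i-EXAMPLE" instance id are assumptions made for illustration; nothing is sent to AWS.

```python
import os

# Constructed /proc/meminfo sample for an 8 GB guest (values in kB).
SAMPLE_MEMINFO = """\
MemTotal:        8388608 kB
MemFree:         1048576 kB
MemAvailable:    6291456 kB
Buffers:          524288 kB
Cached:          4194304 kB
"""

def parse_meminfo(text):
    """Parse /proc/meminfo-style text into {field: kB}, skipping malformed lines."""
    fields = {}
    for line in text.splitlines():
        name, sep, rest = line.partition(":")
        parts = rest.split()
        if sep and parts and parts[0].isdigit():
            fields[name.strip()] = int(parts[0])
    return fields

def mem_used_percent(fields):
    """Used = MemTotal - MemAvailable; older kernels lack MemAvailable, so estimate it."""
    avail = fields.get("MemAvailable")
    if avail is None:
        avail = fields["MemFree"] + fields.get("Buffers", 0) + fields.get("Cached", 0)
    return round(100.0 * (fields["MemTotal"] - avail) / fields["MemTotal"], 2)

def disk_used_percent(blocks, bfree, bavail):
    """Same ratio df prints: used / (used + space available to non-root users)."""
    used = blocks - bfree
    return round(100.0 * used / (used + bavail), 2) if used + bavail else 0.0

def build_metric_data(instance_id, mem_pct, disk_pct):
    """Build a list in the shape of the MetricData parameter of PutMetricData."""
    dims = [{"Name": "InstanceId", "Value": instance_id}]
    return [{"MetricName": name, "Dimensions": dims, "Unit": "Percent", "Value": value}
            for name, value in (("mem_used_percent", mem_pct), ("disk_used_percent", disk_pct))]

if __name__ == "__main__":
    try:  # real guest values on Linux, constructed sample elsewhere
        with open("/proc/meminfo") as f:
            text = f.read()
        st = os.statvfs("/")
        disk = disk_used_percent(st.f_blocks, st.f_bfree, st.f_bavail)
    except (OSError, AttributeError):
        text, disk = SAMPLE_MEMINFO, disk_used_percent(100, 60, 60)
    # "i-EXAMPLE" is a placeholder instance id, not a real one.
    print(build_metric_data("i-EXAMPLE", mem_used_percent(parse_meminfo(text)), disk))
```

With the disk figures from the VM1 example above (100GB allocated, 60GB free), disk_used_percent returns 40.0, the number the hypervisor cannot derive from the allocation alone.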