An Overview of Virtualization

IndioMan writes to point us to an overview of virtualization — its history, an analysis of the techniques used over the years, and a survey of Linux virtualization projects. From the article: "Virtualization is the new big thing, if 'new' can include something over four decades old. It has been used historically in a number of contexts, but a primary focus now is in the virtualization of servers and operating systems. Much like Linux, virtualization provides many options for performance, portability, and flexibility."

virtuosity

IndioMan writes to point us to an overview of virtualization -- its history, an analysis of the techniques used over the years, and a survey of Linux virtualization projects.

That article had the virtue of being a virtual cornucopia of information.

Virtualization is so easy

Virtually anyone can do it!

QEMU

Just wanted to point out that qemu can also do virtualisation on Linux, just like Vmware, with a closed-source kernel module. It works quite well too. http://fabrice.bellard.free.fr/qemu/qemu-accel.htm l [bellard.free.fr]

Re:QEMU

I'm not sure why you felt the need to mention QEMU specifically.

I suspect because the article incorrectly describes it as an emulator, while it is capable of full virtualization if the plugin the GP post linked to is used.

It's not the only such mistake in the article: Xen is described as performing paravirtualization, but it too is capable of full virtualization in some cases (i.e., when it is supported by the hardware).

Apple

This article is an okay overview of many of ways virtualization is now being used. As an aside, has anyone else noticed Apple seems to be missing the boat this time? They're certainly benefitting from virtualization with several players in the market providing emulation solutions and tools now that they are on Intel, but Apple themselves seem to have done nothing and not even provided a strategy. Servers are moving to more virtual servers on one real machine, but OS X's license forbids it from fulfilling that role. Tools for using OS X as a thin client for accessing remote virtual machines are likewise weak. Apple hasn't even provided a virtual machine for their customers to emulate old macs so that users can run OS 9 apps on the new intel machines and they restrict redistribution of their ROM files to make 3rd parties unable to do this. No mention of adding VM technology to OS X has been heard, despite its inclusion in the Linux kernel among others.

Does Apple have something against VM technology? Are they simply behind the times and failing to see the potential?

Re:Apple

Virtualization is usless in a desktop multimedia user environment. Video cards, sound cards and the like are bus mastering devices and you cannot virtualize hardware access unless you own the whole environment. In simple terms, virtualization is only usefull in the server arena and useless on the desktop.

As someone with two VMs running on my OS X laptop right now, I'd have to disagree with you. As for sound cards and video cards the sound works just fine and at least two companies I know of are working on support for allowing hosted OS's full access to video card acceleration.

Re:Apple

Let's see, why don't they do virtualization...

• They don't want you to use OS X in a VM, as it makes it trivial to use it on generic PC's, which eliminates the vast majority of their revenue.
  
• They don't include virtualization software themselves as Parallels and VMWare are doing a good job if you need such a thing, and they don't want to alienate them.
  
• And not strictly virtualization, but you mentioned it - they don't want to make it easy to use OS 9. It's been dead to them for years (and porting Classic to Intel would not have been easy, given the way Rosetta works). Meanwhile, they do nothing to hinder or help SheepShaver and others; the ROM files needed are available from Apple's website (although not easy to find).

None of this is hard to figure out. Yes, there are reasons it would be nice, but it's pretty obvious why they're not too keen on it.

Re:Apple

They don't want you to use OS X in a VM, as it makes it trivial to use it on generic PC's, which eliminates the vast majority of their revenue.

I'm sure that is true, but do they have a plan for what happens when/if the industry moves toward virtual machines on the server? Are they just going to let OS X server die, or try to target only really small businesses? What about thin client support? if more and more VMs start running on big hardware and exporting to thin clients do they have a plan to provide better support for those clients? Integrate with those UIs? Are they just assuming none of this will happen?

They don't include virtualization software themselves as Parallels and VMWare are doing a good job if you need such a thing, and they don't want to alienate them.

It is perfectly understandable not to include a VM in their workstation, but that does not preclude kernel level support for virtualization, including API's and hooks for interoperability. What about hooks for supporting virtual machines like Parallels, but treating the apps as more "native" with Windows or Linux binaries showing up as icons in OS X?

And not strictly virtualization, but you mentioned it - they don't want to make it easy to use OS 9.

Depending upon how access to OS 9 apps is accomplished, it certainly is virtualization. I certainly understand not including it in a the default install to discourage the use of OS 9 apps, but making it hard to find and install your own VM of this sort is counterproductive, in my opinion. Even PS3's provide a way to run PS2 games.

Meanwhile, they do nothing to hinder or help SheepShaver and others; the ROM files needed are available from Apple's website (although not easy to find).

SheepShaver is useless without ROMs, the discovery of, extraction of, and installation of is well beyond the capabilities of even many advanced users. Apple does not allow the SheepShaver project to redistribute those ROMS or include them in a pre-build binary. That certainly hinders the project a lot and prevents it from ever being user friendly enough to attract a significant body of developers. It seems like a tiny bit of privilege from Apple would go a long way here, but they withhold it.

It just seems like VM is a very promising new technology that MS and Linux distros are leaping at, and which is finally evolving a few standards. Ignoring it on so many fronts, seems dangerous to me, akin to MS ignoring the internet until the final hour. Ignoring some of the fronts on which VM is making inroads is one thing, but ignoring them all seems almost like a cultural bias. I wonder if maybe the term is taboo at Apple, since they are worried about it one one front and have applied a policy a little too liberally.

Thanks, IndioMan & kdawson

Since I'm not a server admin, I've always wondered about the use and importance of this "virtualization" I've been hearing so much about. TFA is a pretty useful overview of the topic, and I'm glad it was posted here.

No, it's not red-hot, breaking news, but valuable stuff like this is why I keep coming back to this mess (/., I mean). If you're like me and spend most of your Slashdot time reading the comments, take time to read this TFA.

Re:Thanks, IndioMan & kdawson

Since I'm not a server admin, I've always wondered about the use and importance of this "virtualization" I've been hearing so much about

.

For the home user virtualization can be used as a separate PC to surf the net without fear of malware, when you are done surfing just restore the VM to the "clean" state, think "your pr0n browsing PC". You can also use it to test software before contaminating your host PC with stuff you decide not to keep. I visualize it as a sandbox to play in before messing up with the "real" system.

Check the vmware player appliances [vmware.com], there are lots of good ideas there, many of them are for business use but there are several that can be used at home.

For the developer / tester virtualization provides a set of target operating systems to test / debug the software on without need of having the actual physical hardware.

Of course, in the data center it is the next big thing, too many advantages to list here.

Old New Things

"Virtualization is the new big thing, if 'new' can include something over four decades old."

You just wait. Next thing you know we'll be running Lisp machines under our virtualization software. And then there's going to be a new remake of ADVENT and the Great Worm. And a new AI summer.

another reason why virtualization is so hot

I work at a small ISV which just bought SourceForge, Enterprise Edition [sourceforge.net] which is an Apache/JBOSS/PostgreSql/CentOS app for managing SDLC. For a company of our size, they package this as a VMWare image. Installation is incredibly easy. I can definitely see how free virtualization can be a big boon to companies selling and/or consuming web applications for small deployments.

Xen does more than just paravirtualization

The article seems a bit outdated. Reading it make it sounds like hardware virtualization (Intel VT-x / AMD's AMD-V, ex Pacifica) isn't there yet. As a user running both para-virtualized guests and hardware-virtualized guests under Xen since months, I disagree with how Xen is presented. Xen can also run unmodified guests (and is very good at it): I've tried several unmodified Linux version (though para-virt is faster than hardware-virt, so I run para-virtualized Linux guests) and I'm currently running an unmodified Windows XP Pro 32 bit under Xen. I also installed W2K3 server under Xen. Performance is incredible, there's no comparison, for example, with VMWare running fully-virtualized Windows, which is way slower than hardware-virt (nowadays maybe that VMWare allows to use VT-x/AMD-V? I honestly don't know, I haven't checked). As a second note, para-virt. under Xen is even faster than hardware-virt, it just feels native.

The article seems a bit light on qemu too.

... # xm info | grep xen_caps
xen_caps : xen-3.0-x86_32 , hvm-3.0-x86_32

OSes Targeting VMs

An idea that I've been toying with lately is what if we got operating systems targeting virtual machines, especially ones that expose a simplified interface rather than trying to emulate a real machine. Instead of having to duplicate drivers for every piece of hardware in every OS, drivers would only need to be developed for the virtualization environment, and operating systems would only have to support the interface exposed by the VM.

Missing Mac On Linux

MOL [maconlinux.org] is a true work of genius. Even on pretty old PPC hardware it functions with almost no slowdown. (Linux host, OS X and Linux clients). Compared to contemporaries it had no equal - the current generation of products on x86 are just starting to catch up. I'm most impressed with the way my powerbook can sleep (close the lid) under Linux and all of the hosted sessions quietly pause themselves with no problems. They even resume a network connection perfectly on waking up.

It'm glad to see similar happening on x86, finally, as it's one of the things that really made PPC based machines special. (There is some documentation for MOL and Kubuntu here [revis.co.uk].)

Security use?

Is it theoretically possible to virtualize a few copies of the OS+BIOS+etc. for each program launched to further isolate one program from crashing/infecting others? Or maybe that'd be way too resource intensive?

Virtual appliances

Virtual appliances will drastically change the way tech sales is handled in 2007. Instead of a sales rep promising their product can perform, they'll now be immediately asked to put their VM where their mouth is.

I for one look forward to vendors coming in and pitching me their software. The ones that can instantly show me the product in a virtualized session running on their laptop will be the ones that we write the check out to.

I for one look VERY MUCH forward to placing our systems on virtualized resources. It'll make us look like a million bucks while saving a million bucks.

This is also great for small businesses who need a quick deployment. I love being able to instantly expand my hardware to accommodate new setups.

*Another* Layer?

In practice, I really like virtualization because it allows me to boot up Linux and run MS Exchange and Office, and most other (non 3d) Windows software using VMWare.

But in theory, it bothers me. The basic idea (as I see it) is to provide an isolated environment for applications to run. But that's what the OS was/is supposed to do in the first place, and typesafe languages (like Java) also do much of the same thing once again! (E.g. I see no inherent reason for virtual to physical address translation when running Java applications). The biggest commercial application I see for virtualization is server consolidation. Why not just run all those server processes within the same OS? Yes there are good reasons, but is virtualization really the most efficient solution to those problems?

Maybe virtualization is the best compromise given the legacy that computing currently has, but I wonder if some clever researchers have expressed a vision of how all the same ends could be accomplished much more simply and consistently. Or do all these layers upon layers of abstraction really provide necessary degrees of freedom?

Re:*Another* Layer?

For us, the nicest thing about virtualization is the disaster recovery. If our building burns down, we can quite literally get any PC we can find with a ton of RAM, load Virtual Server, and load the hosts right back up. Much, much faster than going and configuring all the weird drivers and raid cards, partitions, etc on a normal non-virtualized system. On the same note, if one of my servers goes down, I can quickly load up the VM on another box, which means I can take all the time in the world to get the original server back up, so I don't have to worry about the really expensive "4-hour" support plans, but the much cheaper "next-day" support plans. I also keep a VM copy of our web server handy. (Web server isn't on a VM, yet, because of the speed issues), so that when I need to take down the real, faster, web server, I change one DNS setting, and all my users notice is that the web is running a little slower...

I recently tried to get Vista to work on Xen....

and had serious issues with stability and networking. I detailed my experience at my blog [blogspot.com] if anyone is interested. I also tried using the Linux version of Parallels and had similar issues. If anyone has gotten Vista to run under Xen I would be very interested in your feedback

Bias???

My experience (limited though it is) with virtualization makes me doubt the objectivity of TFA. Specifically, the comments regarding VMWare appear to be pretty far off given my experience that MSWindows (XP at least) runs fatster in a virtual environment than it does natively, which is the opposite of what the article claims.

Xen on FreeBSD?

This may be a little off-topic, but I noticed that the article claims that Xen runs on FreeBSD. I was under the impression that Xen support on FreeBSD was still a work in progress, which the Wikipedia article [wikipedia.org] seems to confirm. Can anybody comment on this?

Tell me where it's useful...

I have a hard time coming up with cases where virtualization is that useful. If you run an ISP and want to give root-level access to your hosted accounts, sure. If you want to run a few different OSs on your desktop, sure.

      But, virtualization is so often touted as a way to consolidate servers. I keep asking myself "Who are these people that have that many servers with so little load, that many servers that they could consolidate (making a single COMPLETE point of failure), and haven't already done so?" Sure, they have a web server, mail server, and DNS server. If they don't mind the single point of failure, why haven't they already put them on the same machine?

      In all of the places where I've worked, it's been a race to keep hardware fast enough that a single machine could handle even a single task - putting multiple tasks on the machines would just be lunacy. From small ISPs with overloaded web and news servers to health care companies throwing millions of dollars at single machines to online retail where we're throwing in a half-dozen more dual-CPU machines into the load-balanced pool every year, replacing quad-Opteron database machines with eight-ways, and about to have to go bigger than the eight-way, I've never personally seen a need for something like virtualization.

      So... help me wrap my feeble brain around this. Give me some really cool examples.

steve

Big New Thing???

Uhm... I started using it on the PC platform in 1998/99 with VMWare on RedHat 7. I was amazed when I saw I could boot a Windows 98 system simultaneously with my already running Linux system on a lowly Pentium MMX 233 with 32 megs of RAM. Then I found out that what I thought was new back then was something the big iron world had enjoyed for decades and originated in the 60s. It was just new to x86 is all come 1998/99. Since then, I've moved onto Xen for Linux which is rather amazing in terms of performance and flexibility if you paravirtualize the system. I've got three VMs running on an old Pentium II era Celeron at 400 MHz with 384 megs of RAM. That system has enough horsepower to do the following for my network:

Internal: DHCP, DNS, postfix SMTP server for internal clients, Squid proxy, OpenVPN MySQL DB, DBMail IMAP services that use MySQL as the backend. All in 128 megs of RAM. And they all perform smoothly and quickly.

External: DNS, postfix SMTP server for spam filtering and relaying to the virtual internal SMTP server, OpenVPN server. All in 64 megs of RAM.

I plan to add an Asterisk PBX to that same box for a third VPN so I can have private VoIP with my OpenVPN users (all friends and family as I'm talking about a system at home, not at work).

I've, of course also played with Virtual PC, Virtual Server, QEMU and poked at OpenVZ. For me, a decent virtualization solution has to be able to run other OSes to count as good which is why certain virtualization solutions don't do much for me. If I need access to Windows, I want to be able to do it without wasting good hardware on it. That's why UserMode and Linux Virtual Servers (more akin to chroot jails) do absolutely nothin for me other than when I'm building a Gentoo box. But, this is not the big new thing. It's only that MS is making waves with it now... typical.

Obligatory

I, for one, welcome our virtualized overlords. And their virtualized management systems.

Microkernels++: Just in case you dont remember

The original plan for microkernels was to create more componentized runtime environments, so you could dynamically create virtualized OS's as a collection of the active componenets you needed. Very much like chroot, but pervading way beyond file systems and in to running libraries kernel modules and devices. The tooling was never here, but many people had stary eyes for esssentially a mix-and-match environment that would let you configure and cobble together operating environments at will, and maintain strong privledge seperation.

It really is a pity we gave the whole project up and decided to just implement YET ANOTHER page table in hardware, rather than try to solve the PIC code layout, IPC performance issues, and wrestle with building a new dynamical component based environment. I think we'd see virtualization on a much more pervasive level and a much stronger conception of mobile code, stretching all the way to embedded devices. As it is, the hardware virtualized environments are so insular from each other that there is a) no reason to run it on embedded systems (since integration is all application level, tracing through pretty meaty stacks) (watchdog systems aside) and b) it would impose colossal power consumption needs for mobile devices since it has to run each OS seperately.

Virtualization as we know it is a terrible terrible excuse for unix never having built itself a sufficiently dynamical and configurable environment. Two thumbs down. As cool as running multiple OS's is, it should not have been necessary in the first place.

LordMyren

CTSS?

Ok, I thought CTSS was a task switching layer on top of the basic OS, FMS. The article goes on to talk about OS-level virtualization and yet doesn't mention TopView or DESQview?

Hands-up who doesn't remember running up QEMM and DESQview to run their BBSes back in the 80's?

Article missing MDF

Amdahl was the first to offer physical machine partitioning in the mid to late eighties. IBM finally came out with PR/SM (Processor Resource/Systems Manager) some years later. MDF provided complete isolation of resources between two or more partitions. There were no shared channels, intercommunication was done with a Channel-To-Channel connector. This provided a secure, isolated development/test/QA systems at a reasonable price. It was all managed at the macrocode level, which had a Unix-like shell.

VMware question

The article describes VMware as a full virtualization solution. "A hypervisor sits between the guest operating systems and the bare hardware as an abstraction layer." Is this really how it works? The hypervisor runs on the bare hardware? I thought VMware was launched as an application under the hosting OS. Then it is able to load guest OS's. So it does not sit between the bare hardware and the guest OS, but rather between the host OS and the guest OS. See the PDF datasheet for VMware Server [vmware.com] which shows this architecture.

Is there a different kind of VMware than what I am familiar with? One that runs on the "bare hardware" as described in the article?

image hosting?

I have been toying with this idea for a long time. I would love to see a service where i can upload a vmware image and have them host it for me. Its my blackbox running whatever i want it to run. They wouldnt need to or care to know about it. I would love to see such a service pop up.
It could be like conventional hosting as far as billing goes.(charge for disk space/bandwidth) But I would like to have complete control of whats inside the blackbox.
I find many uses for it. Like moving my home Asterisk server to take advantage of the bandwidth (incoming is ok but outgoing sucks on home connections) and not have to worry about the damn cable company messing up.
I am sure there could be more applications.
Today there are datacenters which offer to give you your own virtual server but its not an option to just upload a server image and have it running instantly.

The Next Step For Virtualization...

The next step for virtualization will be to processors that make the instruction set virtual. Most importantly specific hardware acceleration for this that makes it practical. The processors will obviously be designed for an x86 default instruction set. But it will be possible to execute foreign instruction sets like PowerPC or 68000. What can't be handled by the processor will be handled in a hypervisor processes though much slower obviously. The big impact of this is that VM byte code can be run directly on the processor.

Also hence forth proprietary instuction set extentions hardwired into the processor can no longer be vender locked. So MMX12 and SSE8 instructions will be translated and executed in a compatable manor. General purpose processors like the x86 will truely become general purpose. Think of it like the old DirectX paradigm. Whatever hardware acceleration exists, it is used, otherwise it's software emulated. It's all byte code and it runs nominally just as fast as hardware instuctions.

And yes much of this is has been done before but not on this scale or envisioned quite like this.

This reminds me on a nice 23c3 talk

"Inside VMware - How VMware, VirtualPC and Parallels actually work":
http://events.ccc.de/congress/2006/Fahrplan/events /1592.en.html [events.ccc.de]

It was really interesting, though not too deeply (including some hilarious throw-in questions from Dan Kaminsky).
An unofficial recording of it is here: ftp://ftpmirror.sectoor.de/ccc/congress/2006/gropi -mitschnitte/vmware-t4s2.wmv [sectoor.de]

Official recordings of the streams should come anytime soon (read: when it's done).

Not again...

It took me 2 years to get 5 members of my family to use Linux. Why would I now want them to start using Windows again on the desktop?

Those wacky technical acronyms

... The same concept was used in the 1960s for Basic Combined Programming Language (BCPL), an ancestor of the C language.

And here I thought BCPL stood for Bitchin' Camaro Propulsion Language...

Re:Virtually Here

> The kick ass server being a Celeron 2ghz machine with 256 megs of ram.

There is a note of cynicism in your statement, but yes you will need adequate hardware and resources to take advantage of virtualisation. You should not expect to run two identical instances of a server environment on your hypervisor and expect a performance increase (depending on utilization of course). Also keep in mind your host os is going to need resources to run the show. This is where a stripped linux install has the advantage. One problem is people run their hypervisors on windows which really wasn't intended to be a multitasking server OS in the first place. They expect to see nice fluid resource management and it just doesn't happen and they get aggravated and try to throw more hardware at it with very little improvement. Also, keep in mind that Vmware and Xen are two separate types of hypervisors. As I understand, Xen is the operating system and hypervisor all rolled into one, whereas Vmware is an additional layer on top of the host os. YMMV with either.

Re:3d?

But they all have one major showstopper of a problem: I can't use accelerated 3D on the latest graphics cards under virtualized OSs.

In Vmware:

Edit your .vmx file.

Add the following:
mks.enable3d = TRUE {- Requires acceleration on the host, because it passes things directly from the guest.
svga.vramSize = 67108864 {- This line increases the vram size, you might want to customize it.
vmmouse.present = FALSE {- This disables the 'absolute' pointing device in the guest OS (as applications that require directinput relative mode needs to turn off 'relative' mode in the guest). Note: If you unset this option, you should also turn off the preference for motion ungrabbing in the settings dialog

Unfortunately not all aspects of 3D acceleration on the guest are actually accelerated -- Which are some of the following:

• Hardware bump-mapping, environment mapping
• Pixel & vertex shaders
• Textures with one, three, or four dimensions
• Multi-vertex streams
• Projected textures

Re:Virtually Here

IBM's 64,000 node blade cluster running plan9 is pretty sweet