KVM stands for 'Kernel-based Virtual Machine'. It provides a simple way to have full hardware virtualization available for Linux users on machines that support either the VT (Intel) or AMD-V/SVM (AMD) extensions for their CPUs.
It consists of a kernel module (kvm.ko) and userland applications that provide an abstracted machine. The userland code obviously borrows a lot from Qemu, but it should offer significantly better performance. It supports the file formats that Qemu supports, which is basically raw devices (block devices, disk images). Once running, it is treated like just another process.
The interesting thing about this approach is that it is essentially using the kernel as a hypervisor. Having this virtualization built into the kernel itself simplifies things quite a bit, since it can leverage the existing functionality in the kernel. Simple is very good.
Ultimately this means cheap, easy, and fast virtualization built into every single Linux system ever made from this point on. (It will be available in the vanilla kernel as of version 2.6.20; the current 'stable' is 2.6.19.) Currently it's been tested well enough that it should reliably run VMs hosting 32- and 64-bit versions of Linux and 32-bit Windows. But nothing about it prevents it from running anything else available for the x86 platform.
To run it you have to be running a Linux-based system, probably a newer 2.6 kernel (it is also available as a compilable kernel module), on a system with either an Intel or AMD processor that supports the VT or SVM virtualization extensions. You also need a motherboard with a BIOS that supports those extensions. (Some BIOSes have these extensions specifically disabled, and unfortunately there isn't anything you can do about it other than looking for a BIOS upgrade.) Also, you're going to need a bit more RAM than your average desktop, at least a gig.
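The CPU and device checks behind those requirements can be scripted. The following is an added example, not part of the original article: Linux reports Intel VT as the `vmx` flag and AMD-V/SVM as the `svm` flag in /proc/cpuinfo, and the kvm module exposes /dev/kvm. The function names `virt_ext` and `kvm_ready` are hypothetical and the cpuinfo samples are constructed.

```shell
#!/bin/sh
# Added example (not from the original article): decide whether a host can run KVM.

# virt_ext FILE: print "vmx", "svm" or "none" for a cpuinfo-format file.
# Flags are compared as whole words, so "svm_lock" alone never counts as "svm".
virt_ext() {
    awk -F: '
        /^flags[ \t]*:/ {
            n = split($2, f, " ")
            for (i = 1; i <= n; i++)
                if (f[i] == "vmx" || f[i] == "svm") { print f[i]; found = 1; exit }
        }
        END { if (!found) print "none" }
    ' "$1"
}

# kvm_ready CPUINFO DEVNODE: print "unsupported", "cpu-only" or "ready".
# DEVNODE is the character device the kvm module exposes (/dev/kvm on a real host).
# "cpu-only" means the CPU advertises the extension but no device node exists:
# the module is not loaded, or it refused to load (for example because the
# BIOS has the extension disabled, the case the article warns about).
kvm_ready() {
    ext=$(virt_ext "$1")
    if [ "$ext" = "none" ]; then
        echo "unsupported"
    elif [ -c "$2" ]; then
        echo "ready"
    else
        echo "cpu-only"
    fi
}

# Constructed sample inputs (not captured from a real machine).
SAMPLE_DIR=$(mktemp -d)
printf 'processor\t: 0\nflags\t\t: fpu vme pae sse2 vmx est\n' > "$SAMPLE_DIR/intel"
printf 'processor\t: 0\nflags\t\t: fpu vme pae sse2 svm lahf_lm\n' > "$SAMPLE_DIR/amd"
printf 'processor\t: 0\nflags\t\t: fpu vme pae sse2 svm_lock\n' > "$SAMPLE_DIR/noext"

for f in intel amd noext; do
    echo "$f: $(virt_ext "$SAMPLE_DIR/$f") / $(kvm_ready "$SAMPLE_DIR/$f" /dev/kvm)"
done
# On a real Linux host: kvm_ready /proc/cpuinfo /dev/kvm
```

A "cpu-only" result is the cue to load the kvm module and read the kernel log before concluding that the hardware is unsuitable.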
Of course not everything is perfect. The performance isn't up to its full potential yet. SMP systems are supported as hosts, but VM environments can only be UMP. There needs to be work on an MMU for it to get up to the level where it can be comfortably used to host a server. But for desktop use it's probably very good. Now I haven't tried it personally yet, but I've used Qemu before and it's very similar and that works great. (Unfortunately my desktop is in mothballs until I finish my basement room (motivation) and my laptop is PowerPC.)
This helps to fill out the virtualization options for Linux quite well.
This inspired me to make a quick summary of available options for Linux that I am aware of as well as some notes on the relative strengths and weaknesses. Keep in mind that I am no expert. I divided them up into logical categories to help me explain them, but as with everything there is going to be overlap as there are no hard and fast rules.
Hypervisors are small exo-kernel-like systems that run close to the hardware (some are built into the hardware) and work to divide up CPU time, memory, and other hardware resources between multiple hosted VMs. They are typically small, secure, and very efficient. They also tend to be more OS agnostic, but often will use Linux to abstract access to hardware. Useful for consolidating multiple busy servers onto bigger hardware and supporting legacy operating systems.
Its goal is to provide very high performance. It is probably the fastest hypervisor you can find and it achieves this through 'paravirtualization'. The x86 platform was never really designed to be virtualized; its instruction set has some nasty details that make this sort of thing difficult. Traditionally you would just use software emulation to work around this, but that comes with a performance penalty. Xen's solution is to modify the hosted operating system to work around this, and thus it provides close-to-bare-hardware performance.
It's enjoyed a lot of attention and the benefit of Intel and AMD support. If the CPU supports the VT/SVM virtualization extensions then it can run unmodified hosted operating systems like Windows. It's suitable for server use and has many advanced features that should make it attractive for 'Enterprise' work. Unfortunately it doesn't work well on a desktop (for instance it's currently console-only, with no graphics support yet) and it can be quite difficult to set up.
It has an open source/Free software release as well as supported commercial versions. Microsoft recently got an agreement with Novell to get support for running Windows on Xen/Linux. Sun has shown interest in Solaris compatibility and support. Mainly supports x86/x86-64, but also POWER and I think also Sparc.
Advantages are high performance (Xen may be faster on certain operations) and that it doesn't require modified hosted operating systems. Also it is supposed to have very good management facilities. I don't have any personal experience with it.
Totally proprietary and very expensive (which is all relative, of course). I've heard it praised for its management facilities. It's the de-facto 'enterprise' solution for VM and enjoys good support from many vendors. x86/x86-64-only.
Part of the 'VMware Infrastructure' product.
IBM has very advanced virtualization options. They basically started all this stuff. Originally used to develop mainframe software in the 60's, they quickly realized the potential for it when the time came to sell people new mainframes but they still wanted to support the software from older architectures. They are decades ahead of everybody else and have many different attractive proprietary options. Mostly for the POWER platform; they'll also support Xen and I believe VMware solutions.
Whatever the customer wants.
These are VM applications that run on top of a conventional operating system. They are a bit more heavyweight and have more of a performance overhead, as hosted operating systems are running within the constraints of the native operating system's memory management, scheduling, and other such things. Useful for desktop applications, normal server duty work, and for developers.
Available for Linux and Windows. This is what people typically think of when they hear 'VMware', and they are quite popular products. They offer good performance and a high level of compatibility. They are proprietary, and VMware Player and VMware Server are available at no cost. They are easy to set up, commercially supported, and have been around for a long time now. Supports x86, x86-64 as well as Windows.
Discussed above. Should offer good performance and be relatively lightweight. Will be available by default for all distros using the (in development currently) 2.6.20 kernel. The downside is that it requires newer processors that support virtualization extensions. x86/x86-64 + virtualization extensions.
Probably an unfortunate choice for a name. It'll make Google searches difficult.
Qemu + proprietary kernel module. Similar to KVM (which in a large part seems to be based on Qemu). It uses the concept of 'dynamic translation' to allow functions to be processed on the native CPU rather than emulated in software. Offers 'ok' performance; it seems slower than the VMware stuff, but I don't know how it compares to KVM since I haven't had a chance to look at KVM closely yet. x86-only. Runs on Windows quite well also.
A virtualizer specifically for the Macintel hardware on OS X. Seems to be very useful and tailored specifically for the desktop. Requires OS X on Macintel hardware.
Microsoft Virtual Server
Microsoft's answer to VMware. Has had compatibility problems in the past with non-Windows operating systems, but they seem to have been solved for the most part. Available at no cost. Requires specific Windows Server 2003
These things are based around the concept of an 'improved chroot jail'. As you are aware, there are significant problems associated with using chroot to increase the security of your system by attempting to isolate questionable services. If a person is able to become root then it's not hard to break out of it. This sort of virtual machine is designed to solve these sorts of issues and provide efficient isolation.
Since they share the same kernel and such they are very efficient, very fast. Almost no overhead associated with this sort of 'VM'. Fast I/O, fast disk access, efficient memory usage, etc etc. You can run dozens and dozens of these things with the same resources it takes just to run a few Xen hosts.
Commonly used for 'virtual private servers' for web hosting and for increasing the security of servers.
This is the only one of this type I actually have first person experience with. Very fast, very efficient. It's a mature product that has been around for a long time. Proven capabilities and active development. Very much of the 'improved chroot' design.
Like other VM technology they are handy when combined with clustering. I used a simple low-tech fail-over cluster technique using Vserver + Linux-HA + DRBD to have a fail-over operating system. Had two computers, one ran the vserver, the other was backup. Pulled the plug on it, and the second system had the same Vserver with all the same files up and running within 2 seconds. Very simple, very reliable. Ran on 2 old 200 MHz Dells with 64 megs of RAM each.
Pretty cross-platform; it should support the popular platforms that Linux supports.
OpenVZ is the open source counterpart to SWSoft's proprietary Virtuozzo product. Conceptually very similar to Vserver. Offers handy administrative tools and commercial support. Very popular in the 'virtual private server' business. You will have many, many servers on a commodity server, many times with as little as 16 megs of RAM for each virtual system. x86 mostly; it is also supposed to have some support for POWER.
This one is a bit odd. A sort of cross between this category and the above 'virtualizers' category. This is a Linux kernel specifically modified to run on top of another Linux kernel, providing all the isolation benefits of running in a virtualized VM, but without a lot of the downsides. Cross-platform; it should support what the regular Linux kernel supports.
Follows strongly the 'improved chroot jail' concept. Don't know much about it, probably has been around longest. Very useful for increasing security through service isolation.
Solaris Zones/Solaris Containers
Advanced container functionality made available for Solaris 10. Zones is the basic system-level isolation provided by Solaris, whereas Containers is the whole resource management package plus the isolation. Don't know much about it. It should be very interesting for any Solaris admin, or for anybody that wants to play around with a network of Solaris machines, but only has one actual hardware system.
Also I think that there is a sort of 'Trusted Extensions' available for Solaris that provides role-based access controls and I think that it is associated with Zones, but I don't know exactly how.
These things are slow. In this class of virtualization the actual machine is largely emulated in software. They have high levels of isolation, but the high levels of resources used rule them out of any role besides casual desktop use, development, or supporting very old software that won't run on other VM solutions.
The open source IA-32'. It emulates an x86 box entirely in software. The video card, the video BIOS, the BIOS, hard drives, CD-ROMs, floppies, sound, MIDI, the CPU: all of it is built entirely out of software. Everything. It'll run on any platform that can compile it. It will emulate a 386, 486, Pentium, Pentium-Pro, and AMD64 CPU. This will run the most oddball stuff that won't run on any other sort of VM. Very useful for a lot of stuff, as long as speed is not a big deal.
Multipurpose emulator. It's much, much faster than Bochs. It's capable of doing things like running Flash with the x86 Macromedia Flash player on a PowerPC computer or hosting a lightweight Linux install without much drama. It doesn't emulate a box nearly as entirely as Bochs; instead it tries to translate instructions as well as it can to the native CPU. It's fastest doing things like x86 on x86, but it's capable of emulating a variety of hardware and CPUs. It is capable of emulating x86, x86-64, PowerPC 32-bit, PowerPC 64-bit, Sparc 32-bit, Sparc 64-bit, big-endian ARM and little-endian ARM.
Then in addition to that there are numerous platform-specific emulation machines, mainly for playing old games. Dosbox for accurately emulating MS-DOS on an x86, for instance. But for any other old platform you can find something to run your software. Intellivision, Amiga, Atari, Gameboy, Nintendo, etc etc. Whatever you want, usually.
Got something to add? Send me email.
More Articles by Drag Sidious © 2012-03-25 Drag Sidious