Evolution of x86 Hypervisors
VMware and Full Virtualization
In the early days of distributed computing, many experts considered x86 virtualization nearly impossible due to the complexity of the platform. In contrast to the virtualization-friendly IBM mainframe, x86 operating systems depended on sensitive and privileged instructions that could only be executed from Ring 0, meaning directly on the hardware. This changed in 1998 when VMware developed software able to isolate and translate the binary code of these privileged kernel instructions in real time. This process is known as full virtualization, as guest operating systems running on top of virtualization software (known as a hypervisor) are unaware that they are not running natively from Ring 0. From the point of view of the operating system kernel, instructions continue to execute as though they were running natively on a system with full access to all system resources. This illusion of direct execution and resource monopolization is made possible by virtual machine monitors, which dynamically allocate centralized system resources across one or more virtual copies of BIOS, I/O devices, memory, etc. By maintaining virtualized copies of all physical resources, fully virtualized operating environments are identical to those running directly on hardware, allowing a single physical machine to run multiple operating environments that are fully unaware of each other and their hypervisor. Due to the use of standard interfaces, each of these virtualized environments can be moved between hypervisors and physical systems without significant modification. Nevertheless, the need to manage centralized resources across redundant virtual devices means that full virtualization techniques require significant processing overhead.
Xen and Paravirtualization
In 2004, the open-source Xen project sought to design a new system of virtualization that could increase performance by cutting down on redundant overhead. The result of this project is called paravirtualization or “alongside virtualization,” which offers improved performance, efficiency, and simplicity at the expense of compatibility and portability. Rather than acting as if running natively on hardware, paravirtualized environments run modified kernels that can issue direct commands to the hypervisor, dramatically simplifying the process of virtualization by eliminating the need for redundant memory management, interrupt handling, time keeping, and real-time interception and translation of binary code. This offers the potential for significantly improved virtualization performance at the expense of the illusion of isolation (the guest OS is now aware of its hypervisor) and complete guest OS portability (as the modified kernel is now dependent on its specific hypervisor). Additionally, the need to modify the kernel precludes the paravirtualization of most proprietary operating environments, including Microsoft Windows. Although recent versions of the Xen paravirtualization suite have achieved compatibility with Windows, this has been through the implementation of support for new x86 hardware virtualization techniques (such as VT-x and AMD-V) that leave the underlying kernel untouched. Paravirtualization and full virtualization offer a trade-off between virtualization overhead and flexibility. This cost-benefit analysis is further affected by the increasing development of hardware virtualization in new Intel and AMD processors.
KVM and Linux Integration
In 2007, a small Israeli start-up named Qumranet released a new open-source virtualization solution called KVM (Kernel-based Virtual Machine). Rather than using the paravirtualization techniques then being pioneered by the open-source Xen group, this new product used full virtualization similar to VMware solutions. Despite lacking both the performance enhancements of paravirtualization and the maturity of VMware, this product gained substantial popularity when it was natively included in the stock Linux 2.6.20 kernel. This occurred largely because KVM lacked the technical restrictions associated with Xen’s use of paravirtualization, namely the need to customize the kernel to issue hypercalls. By using full virtualization, KVM could be integrated into the stock Linux distro more easily and less disruptively than Xen while providing greater support for proprietary and open-source operating systems. By establishing itself as the flagship Linux virtualization platform, KVM began to enjoy significant advantages over alternate virtualization methods. As a part of the stock Linux distro, all flavors of Linux could be virtualized on KVM, as opposed to Xen, which limited users to certain supported flavors and versions of Linux (some of which depended on proprietary Citrix components). As a full virtualization solution, KVM’s uniformity across Linux ensured the full portability and cross-compatibility of virtualized environments across Linux flavors, enabling a company to migrate its virtualized workloads from a KVM hypervisor running on Ubuntu Linux to a KVM hypervisor running on Red Hat Linux.
Despite these advantages, the status and stature of KVM vis-à-vis the other virtualization solutions led competing companies to attempt to use the technology to leverage their product offerings. In 2008, Red Hat acquired Qumranet to bolster the development of KVM and its establishment as the universal open-source virtualization platform. The goal of this move was to strengthen the leadership of Red Hat and its partial owner IBM (which has used KVM as the backbone of its Cloud offerings) in the x86 virtualization space against VMware and the assorted companies (Oracle, Citrix, and others) that had supported the Xen paravirtualization methodology. By strategically pushing for KVM and dropping support for Xen, IBM and Red Hat polarized the Linux community, which had hitherto been divided between virtualization and paravirtualization implementations. This polarization led Citrix and Oracle to lobby Linus Torvalds on behalf of Xen, resulting in the recent decision to natively support both KVM and Xen in the latest stock Linux distro. Although it is yet to be determined how this decision will affect the adoption of virtualization and paravirtualization techniques, it is clear that this move will eliminate many of the disadvantages previously associated with Xen, including slower upgrades and higher maintenance costs, by ensuring that all versions of Linux have out-of-box Xen support. Although different parties continue to support and promote their preferred standards, users are now fully free to choose between KVM full virtualization and Xen paravirtualization based on the relative merits of their underlying architectures. Given this intense competition, and the gradual advancement of hardware virtualization techniques on Intel and AMD x86 processors, it is clear that virtualization will remain a contentious and dynamic space in Information Technology.
This post was originally posted on Millennial Mainframer