In computing, virtualization is a broad term that refers to the abstraction of computer resources. One useful definition is a technique for hiding the physical characteristics of computing resources from the way in which other systems, applications, or end users interact with those resources. This includes making a single physical resource, such as a server, an operating system, an application, or storage device, appear to function as multiple logical resources; or it can include making multiple physical resources, such as storage devices or servers, appear as a single logical resource.
One form of platform virtualization is commonly known as native or full virtualization, in which the virtual machine simulates enough hardware to allow an unmodified guest operating system (“OS”) to be run in isolation. Typically, many instances can be run at once. Examples include VirtualBox, Virtual Iron, Virtual PC, VMware Workstation, VMware Server (formerly GSX Server), VMware ESX Server, QEMU, Parallels Desktop, Adeos, Mac-on-Linux, Win4BSD, Win4Lin Pro, and z/VM.
Partial virtualization, including address space virtualization, involves the virtual machine simulating multiple instances of a portion of the underlying hardware environment, particularly address spaces. Such an environment supports resource sharing and process isolation, but does not allow separate guest operating system instances. Although not generally viewed as a virtual machine category per se, this approach has been used in such systems as CTSS, the experimental IBM M44/44X, and arguably such systems as OS/VS1, OS/VS2, and MVS. Many more recent systems, such as Microsoft Windows and Linux, also use this basic approach.
In paravirtualization, the virtual machine does not necessarily simulate hardware, but instead or in addition offers a special API that can only be used by modifying the guest OS. This system call to the hypervisor is referred to as a hypercall in Xen, Parallels Workstation, and Enomalism. It is implemented via a DIAG (“diagnose”) hardware instruction in IBM's CMS under VM, which was the origin of the term hypervisor. Examples include Win4Lin 9x, Sun's Logical Domains, and z/VM.
Application virtualization is the execution of a desktop or server application locally, using local resources, within an appropriate virtual machine. This is in contrast with running the application as conventional local software, i.e. software that has been installed on the system. Such a virtualized application runs in a small virtual environment containing the components needed to execute, such as registry entries, files, environment variables, user interface elements, and global objects. This virtual environment acts as a layer between the application and the operating system, and eliminates application conflicts and application-OS conflicts. Examples include the Sun Java Virtual Machine, Softricity, Thinstall, Altiris, and Trigence.
Operating system-level virtualization involves virtualizing a physical server at the operating system level, enabling multiple isolated and secure virtualized servers to run on a single physical server. The guest OS environments may share the same OS as the host system, i.e. the same OS kernel is used to implement the guest environments. Applications running in a given guest environment view it as a stand-alone system. As a result, more virtual environments, containers, virtual private servers, and/or virtual dedicated servers may be supported on a given system.
Operating system-level virtualization may allow for the kernel of an operating system to have multiple isolated user-space instances instead of just one, so every user may work in their own space with the look and feel of having a real computer or server from the point of view of its respective user. This may allow each user to retain a degree of ownership over their own respective standard work environment, while making the most efficient use of the host's resources in a controlled environment.
Each virtual environment may have, as non-limiting examples, its own superuser (root or Administrator), set of users/groups, IP address(es), processes, files, applications, system libraries, configuration files, or any combination thereof. The file system may be structured so that all the information, including centralized data storage, central backup, and central email or any other divisions of the virtual environment, may be stored in the home directory of the user on the host system. Because they rely on the services of a single kernel, all virtual environments on a given host system may run the same kernel, but everything else, including but not limited to system libraries, configuration, and program files, may vary among different virtual environments.
Examples of software or operating system-based virtualization may include but are not limited to OpenVZ, Linux-VServer, Parallels® Virtuozzo Containers, Solaris Containers, Solaris Zones, and FreeBSD Jails.
Conventional approaches to hosting multiple (e.g., hundreds or even thousands of) separate virtual computing environments fully virtualize the operating system for each virtualized instance or customer container. As a result, for each container loaded, a full operating system must be either launched (in full virtualization) or installed into the container root directory (in container-based virtualization).
This has a number of downsides. First, the machine hosting the virtualized system must hold caches for each virtual environment, which wastes memory. Second, when processes are started, shared libraries are loaded. Because multiple operating environments are loaded, the shared libraries are loaded multiple times—once for each container, even if they are the same library in a different file. Third, each container instance operating system must be individually managed, again requiring duplication of effort and resources. Also, it is not possible to perform a full deterministic upgrade/rollback of the operating system installation inside the container without a large amount of effort to snapshot the state on the instance.
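The duplication described above can be measured on a container host. The following is an added example, not part of the original text: it walks a set of container root directories and reports shared libraries whose identical content is stored in more than one inode, since each such copy is cached and managed separately, while hard-linked copies share one inode. The function names, the `ct0`..`ct2` layout and the library bytes are constructed for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def duplicated_libraries(container_roots):
    """Map content hash -> {"inodes", "size", "wasted"} for libraries whose
    identical content lives in more than one inode across the given roots."""
    by_hash = defaultdict(dict)  # hash -> {(device, inode): size}
    for root in container_roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                if ".so" not in name or os.path.islink(path):
                    continue  # symlinks point at a file that is counted itself
                st = os.stat(path)
                by_hash[sha256_file(path)][(st.st_dev, st.st_ino)] = st.st_size
    report = {}
    for digest, inodes in by_hash.items():
        if len(inodes) > 1:  # same bytes, separate files
            size = next(iter(inodes.values()))
            report[digest] = {"inodes": len(inodes), "size": size,
                              "wasted": size * (len(inodes) - 1)}
    return report

def build_sample_roots(base):
    """Constructed sample: three container roots holding the same libc bytes."""
    blob = b"\x7fELF" + b"constructed libc payload" * 100
    roots = [os.path.join(base, f"ct{i}") for i in range(3)]
    for r in roots:
        os.makedirs(os.path.join(r, "lib"))
    for r in roots[:2]:  # two independent copies: two inodes
        with open(os.path.join(r, "lib", "libc.so.6"), "wb") as f:
            f.write(blob)
    # ct2 hard-links ct0's copy: same inode, so it is not a separate copy
    os.link(os.path.join(roots[0], "lib", "libc.so.6"),
            os.path.join(roots[2], "lib", "libc.so.6"))
    with open(os.path.join(roots[1], "lib", "libssl.so.3"), "wb") as f:
        f.write(b"\x7fELF" + b"only in ct1")  # unique file, never reported
    return roots, len(blob)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        roots, _size = build_sample_roots(tmp)
        print(duplicated_libraries(roots))
```
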
What is needed, therefore, is a better way to design and manage large-scale implementations of virtualized machines being operated for multiple parties.