A virtual machine is a software construct designed to run computer programs like a real physical machine. As an example, a virtual machine may comprise various software components for running executable code written for a particular computing platform. Such executable code may include, among other things, operating system code, application programs, software drivers, and so on.
A virtual machine does not necessarily have a direct correspondence to a real physical machine; however, virtual machines are often designed to imitate the behavior of specific hardware architectures. As an example, a virtual machine may be designed to imitate the behavior of an x86 processor.
Virtual machine infrastructures (VMIs) have been developed to coordinate user access to collections of virtual machines and to provide additional features such as virtual networking capability, virtual data storage management, and so forth. In general, a VMI comprises a set of physical computational resources, virtualization software for creating virtual machines on the physical computational resources, and management software for managing the virtual machines and coordinating access to the virtual machines.
In one example, a VMI comprises a set of physical computers each running multiple virtual machines. Users at separate remote-access consoles access the different virtual machines over a local area network. Each console includes a virtual machine interface designed to allow a user to interact with a virtual machine in the same way that the user would interact with a local machine. For instance, the virtual machine interface may present a user desktop and explorer windows similar to those found in an ordinary personal computer.
Within a VMI, different virtual machines may be individually configured according to the users' unique needs and preferences. For instance, the different virtual machines may run different types of operating systems (e.g., Windows, Linux), allowing the users to use different operating-system-specific programs within the VMI. Additionally, each of the virtual machines may provide a different level of performance so that the resources of the single physical computer can be efficiently divided among users having different computational demands.
Recently, large enterprises have begun employing complex VMIs to provide virtual computing resources for large groups of users. These users may work together, but have different computational demands. As an example, a company with hundreds of employees may set up a virtual data center comprising many physical machines each configured to run several virtual machines for use by the employees.
The virtual machines can be configured in accordance with the different computational demands and preferences of the different employees. For instance, an employee whose job requires a significant amount of computing power—say, an engineer who runs test simulations on complex circuits—may use a virtual machine configured with higher throughput and more memory, compared with an employee whose job only requires the use of a few simple programs such as a word processor and an Internet browser. Similarly, an employee whose job requires a relatively high level of system access—say, a system administrator—may use a virtual machine configured with a higher level of access within the VMI compared with an employee whose job requires a relatively lower level of access.
Conventional VMIs are designed for use within a single organization, i.e., a single company or group of users. In this type of VMI, the operation of the virtual machines is governed by a common set of rules, such as a common hierarchy of access rights, usage rights, quality of service guarantees, and naming conventions. Additionally, in this type of VMI, the administration of the computing hardware and operating software as well as the configuration and execution of virtual machines on this infrastructure are controlled by a single administrative entity, i.e., a single system administrator or group of system administrators. Furthermore, these conventional VMIs do not provide adequately isolated or independent network services or storage services for virtual machines executed by different users. Also, these conventional VMIs do not support adequate resource usage quota, reporting, and enforcement mechanisms.