Over the past decade the mobile phone has evolved from a voice-centric device into a mobile personal computer. No longer just for telephony, the mobile phone has become a multitasking tool, useful for activities such as emailing and web browsing. The current trends for mobile phones are toward the mimicking of desktop functionality. As a result, mobile devices are becoming enterprise endpoints with rich applications and core enterprise connectivity. Because an enterprise may need to specifically provision a mobile device for accessing restricted data, an employee may either have to sacrifice a personal device or carry two devices, one personal and one enterprise, to work.
From an end-user perspective, it is desirable to consolidate a personal mobile device with an enterprise device. Virtualization offers an opportunity to provide a convenient solution by preserving isolation of environments without requiring a second physical enterprise device. Supporting an enterprise environment on a personal mobile phone through virtualization techniques represents an attractive alternative to existing solutions involving multiple physical mobile phones. The rapid pace of hardware advances in mobile devices over the past several years has led to a class of mobile phones with resources capable of supporting a virtual machine running on a mobile phone (e.g., a “virtual phone”) where the virtualization overhead is small.
VMware's Horizon Mobile platform enables enterprise management of an isolated virtual machine (VM) based environment on employee owned smartphones. This is achieved by multiplexing two phone personas, a work and a home phone, on a single mobile device via system virtualization. Such multiplexing facilitates a Bring Your Own Device (BYOD) approach to managing IT resources in an enterprise, in which an IT department can provide an employee the freedom to select their own device and provision it with a VM containing the work environment. A hypervisor and on-device management components enable the VM to be managed remotely by the enterprise, while the home environment remains under the complete control of the employee. Horizon Mobile currently employs a hosted model, in which the work VM runs as a guest on top of a host providing the home phone environment. The host has bounded storage, e.g. Android® devices typically offer two types of storage to applications:
Internal.
Internal storage includes internal NAND flash memory or embedded MultiMediaCard/Secure Digital (eMMC/eSD) chips, fixed and constrained in size due to cost and power consumption. Today, capacities typically range between 256 MB and 64 GB. The system kernel, middleware and libraries reside on internal storage as well as application code and some application data.
External.
Small form factor Secure Digital (microSD) cards are almost universally standard and provide removable mass storage (up to 32 GB) for application data. Secure Digital Extended Capacity (SDXC) cards will support up to 2 TB capacities in the future. Removable Secure Digital (SD) card storage benefits from the economies of semiconductor scaling and supply after a smart phone has been shipped and purchased.
In general, a mobile virtualization platform (MVP) such as Horizon Mobile locates VM disk images on external storage due to internal storage capacity limitations. The limited SD card space is shared between guest and host. One standard allocation method is to pre-allocate the space for the guest VM image on the host file system at VM creation time, which is a form of storage partitioning. This ensures that sufficient space is available on the host to meet the storage expectations of the guest. Unfortunately, this can result in storage resources allocated to the guest being underutilized, since space is statically reserved and unavailable to the host. Another problem with this method is that the creation of a large image may be time consuming, impacting user experience. For example, with an Android device, when creating the VM image on an SD card, the Linux FAT driver will zero each block, which may take several minutes for a multi-gigabyte VM image.
An alternative allocation method is to over-provision the system, by not reserving the complete VM image at VM creation. This is a strategy similar to that employed by VMware Workstation® and Fusion®, where the guest VM image may be broken up into multiple extents, e.g. a 100 GB VM disk image may consist of five 20 GB extents. If the guest has only modified 30 GB worth of data then only two extents need to be allocated on the host. With this strategy it is possible to exhaust storage space on the host and have a guest I/O trigger an extent allocation that fails. When disk space is exhausted, available options include suspending the guest or returning an I/O error to the guest kernel. An administrator may be required to manually resolve the failed extent allocation. The administrator can also attempt to manually adjust the size of various disk images for different VMs. This is an inefficient and ineffective approach to managing the utilization of available physical disk space between guest systems and the host.