A virtual machine is a software implementation of a computer that includes its own guest operating system to execute one or more applications and processes. A host computing system allocates a certain amount of its resources to each of the virtual machines, and multiplexes the underlying hardware platform among the virtual machines. Each virtual machine is then able to use the allocated resources, such as processing cycles, memory, and the like to execute its own guest operating system and applications. The software layer providing the virtualization is commonly referred to as a hypervisor, which abstracts the underlying hardware of the host computer and provides the abstracted hardware to each of the individual virtual machines.
During execution of the virtual machines on the host computing systems, virtual machines may require a handoff from a first hypervisor to a second hypervisor to provide the proper operations. This handoff requirement may occur as a result of updates to a host computing system, updates to a hypervisor on a host computing system, a new host computing system becoming available for the virtual machine, or any other reason.
In some implementations, virtual machines may be distributed across multiple host computing systems and hypervisors to provide various data services. These virtual machines, sometimes referred to as virtual network elements, forward data packets for the data services, wherein the different data services are associated with a particular subset of virtual network elements. For example, a first set of virtual network elements may be associated with a first data service, while a second set of virtual network elements are associated with a second data service. These network elements include, but are not limited to, a: Mobility Management Entity (MME), Service Gateway (S-GW), Packet Data Network Gateway (P-GW), Policy Charging and Rules Function (PCRF), Home Subscriber System (HSS), Baseband Processing Unit (BBU), Radio Resource Control (RRC) processor, Radio Link Control (RLC) processor, Packet Data Convergence Protocol (PDCP) processor, Media Access Control (MAC) processor, Residential Gateway (R-GW), Set-Top Box (STB), Dynamic Host Control Protocol (DHCP) server, Network Address Translation (NAT) firewall, Border Controller (BC), Load Balancer (LB), media server, and network accelerator.
Overview
Examples described herein provide enhancements to the handoff process for a virtual machine from a first hypervisor to a second hypervisor. In one implementation, a method of transitioning a virtual machine from a first hypervisor to a second hypervisor includes identifying a request to transition the virtual machine from the first hypervisor to the second hypervisor. The method further provides determining security trust requirements for the virtual machine and exchanging trust information between the first hypervisor and the second hypervisor. The method also provides determining whether the second hypervisor is capable of supporting the virtual machine based on the trust information and the security trust requirements for the virtual machine and, if the second hypervisor is capable of supporting the virtual machine, initiating a handoff of the virtual machine from the first hypervisor to the second hypervisor.