A Comparison of Hypervisor-Based VirtualisationWith Container-Based Virtualisation

Name: Alex Tang

Candidate Number: 132219

Date: 02/05/2016

1

Table of ContentsIntroduction

Definitions

Implementations

Discussion

Examples

Summary and Conclusion

2

IntroductionResearching the purposes and uses of virtualization will provide me with the information required to understand the benefits and downsides of a shared system concept. I will go into detail about what Hypervisor and Container based virtualizations are, as well explain the ideas behind why the respective version are used in different applications and scenarios, proceeding then into how both versions are implemented in a real day system with examples given from researching online resources such as reports, forums and source code.

Before researching hypervisors, I would need to research emulators and virtual machines to get a broad understanding of the types of entities that interact with a given hypervisor.

DefinitionsEmulator

An emulator can both be software and hardware or either, it simply enables one computer system to behave line another system. Looking solely at hypervisors, “an emulator enables a host system to run software or use peripheral devices designed for the guest system.” 1

Virtual Machine

A virtual machine is an emulation of a specific computer system. The virtual machine is an application environment that performs the same functionalities as dedicated hardware, enabling the use of two or more different operating systems.

Hypervisor-Based Virtualization

"A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems to share a single hardware host."2

With two different types of real world Hypervisor virtualizations available, both have pros and cons, but both perform almost identical virtual server operations. The main goal of a hypervisor is to ensure there are no disruptions between multiple virtual servers when guest computers require respective resources.1 https://en.wikipedia.org/wiki/Emulator2 http://searchservervirtualization.techtarget.com/definition/hypervisor

3

Bare metal (type 1) Hypervisor virtualization:

Taking a more hands down approach is the bare metal hypervisor. With no direct host operating system interaction, this type of hypervisor runs directly on the hosts’ hardware whilst managing multiple virtual machines from the guest machines.

Figure 1: A Bare metal Hypervisor3

Embedded (type 2) hypervisor virtualization:

Different from its counterpart, the type 2 hypervisor fully runs on the hosts’ operating system, using it as surface to process interactions from guest machines.

3 https://en.wikipedia.org/wiki/Hypervisor

4

Figure 2: An Embedded Hypervisor (3)4

Container-Based Virtualization

“Approach to virtualization where the virtualization layer runs as an application within the operating system”5

The operating system kernel (containing the virtualization layer) runs on the hardware directly, having several individual guest virtual machines implemented on top of it. Analysing this application of the container-based virtualization, each of the virtual machines run on the same kernel, but, they effectively have their own memory, processor and file system, hence why the guest computers are named containers.

ImplementationsBare metal (type 1) Hypervisor virtualization:

A type 1 hypervisor is implemented directly on the host’s hardware in order to control and manage guest operating systems.

4 https://en.wikipedia.org/wiki/Hypervisor5 http://searchservervirtualization.techtarget.com/definition/container-based-virtualization-operating-system-level-virtualization

5

Figure 3: Type 1 hypervisor embedded directly with the hardware6

Embedded (type 2) hypervisor virtualization:

Being solely part of the operating system, the embedded hypervisor functions directly with the operating system to process guest computer VM interactions. Implemented directly to the OS, the hypervisor has many more functionalities.

Figure 4: How the embedded hypervisor interacts with different VMs7

Container-Based virtualization6 http://www.techdesignforums.com/practice/technique/embedded-software-virtualization-comes-of-age/7 http://www.techdesignforums.com/practice/technique/embedded-software-virtualization-comes-of-age/

6

Implementations of container-based virtualization are developed for different operating systems, for instance Parallels Virtuozzo can only be set up on a Windows or Linux host8 and LXC is only implemented for Linux9. Looking at open source code provided by LXC it can be seen how each guest computer virtual machine can be treated as a regular operating system (or container).

Figure 5: Snippet of source code for a container based virtualization10

DiscussionBefore going into the detail that is the pros and cons of the two virtualization concepts, it would be best to understand why virtualization as a whole has been rejuvenated by Unix and Linux systems.

Most importantly, the increase in hardware capabilities allows each single machine to do more simultaneous work, which in turn boosts efficiency and decreases processer wait times.

Sustaining a growing business model requires careful planning and expenditure, especially when scaling to a large scale meaning managing and maintaining servers can be complex and costly, virtualization allows for the simplification through the consolidation of servers.

With new up and coming OS’s and hardware, virtualizations allows for the ability to run complex, OS-dependent applications using different hardware or Operating Systems environments.

Looking into the advantages and disadvantages of both virtualization methods we can see that they perform better in an environment that requires specific

8 https://virtuozzo.com/solutions/9 https://linuxcontainers.org/lxc/documentation/10 https://linuxcontainers.org/lxc/documentation/

7

goals, i.e. more security, higher reliability or even host machine processor speed.

Bare metal (type 1) Hypervisor virtualization:

A bare metal hypervisor virtualization does not interact with an OS or any other system layers on the host machine, meaning speed and efficiency dramatically increase as overhead is decreased.

Furthermore, if a single VM guest crashes it does not affect the rest of the guests operation systems, therefore type 1 hypervisors are considered more secure than type 2 hypervisors.

On the other hand, one key disadvantage is the inability to install a type 1 hypervisor with ease, plus upgrading results in the replacement of all the used hardware upon which the type 2 hypervisor functions.

Embedded (type 2) Hypervisor virtualization:

Type 2 hypervisors do however have the capability to support a wide range of hardware as the Operating system (which the type 2 hypervisor is built upon) is in control of all the hardware.

Embedded hypervisors support multiple operating systems on a single processor for trivial tasks such as low-level-real-time communication stack updating. A general purpose operating system is however still needed to support user applications such as web browsing. Using the single processor simplifies the ability to upgrade an existing system, removing the whole complexion of a second processor.

Looking at the disadvantages of type 2 hypervisors, there are many more points of failure. Anything that affects the functionality and stability of the base operating system can also affect the guest VM’s.

If a reboot on the host system needs to occur, all the connected VM’s will also need to be rebooted, which as whole decreases the sense of individuality and increases the need for coordination.

Container virtualization:

Containers through research seem to have many more advantages than the commonly used hypervisors, for example Google’s services are all container

8

virtualizations, showing that a leading provider has chosen container vs hypervisor.11

If using a Docker for container virtualization, one main advantage is the ability to ship the created ‘containers’. The whole container (with whatever application/software) can be sent to anybody or even a remote server with ease at a 100 percent guarantee rate that the shipped application/software will work with the target environment.

“The big difference between OS-level virtualization and hypervisor-based virtualization is that container-based virtualization doesn't use complete virtual machines.”12 The virtualization layer ensure there is no interference between different contains, treated each container as a virtual machine in its own right, with just one operating system in charge of maintaining hardware access.

One key disadvantage of containers, is that there is no flexibility in virtualizing different operating systems. This disadvantage could be argued as invalid using the idea:

“Why would you want complex support for full hypervisor-based virtualization of a complete operating system when all you need is other instances of the same operating system that you already run as the host operating system?”13

ExamplesHypervisor virtualization

KVM - open source kernel based virtual machine is a Linux based type 2 hypervisor.

VMware vSphere - commercial type 2 hypervisor.

Hyper-V - commercial type 2 hypervisor.

Container based virtualization:

LXC - open source Linux based container virtualization.

Red Hat - commercial Linux based container virtualization.

Canonical - commercial Linux based container virtualization.11 http://www.networkcomputing.com/cloud-infrastructure/virtual-machines-vs-containers-matter-scope/203993294312 http://searchservervirtualization.techtarget.com/tip/Virtualization-performance-and-container-based-virtualization13 https://www.linux.com/news/containers-vs-hypervisors-battle-has-just-begun

9

Summery and conclusionsWithout a partial view, I can gather that both type of virtualization concepts have their uses in day-to-day appliances. Big companies who offer many services tend to take up container-based virtualization, whereas the smaller organizations tend to use type 2 hypervisor virtualization. Researching this topic gave me insight as to why many companies are removing their needs for physical medians of transferring applications, companies such as google for instance have used container based virtualization from the beginning.

10