27 Apr 2017: Some Virtualization Clarifications

Many thanks to Stephen James for helping me get a few things sorted out.

First, he was right to point out that the distinction between Type 1 and Type 2 hypervisors is not the same as the distinction between full virtualization and paravirtualization. For the sake of clarity, let’s call anything that provides a virtual machine abstraction a hypervisor—removing Monday’s virtual machine monitor terminology. Then we can use the following definitions:

  • Type 1 hypervisor: runs directly on top of the bare metal.
  • Type 2 hypervisor: runs on top of another operating system.

Both Type 1 and Type 2 hypervisors can provide both full virtualization and paravirtualization to guests. Full virtualization means that the guest OS runs unaltered; paravirtualization means that it has been modified to work with the hypervisor. Obviously the requirements of hypervisors that provide paravirtualization are different. But both full and paravirtualization hypervisors can be either Type 1 or Type 2, depending on when they are loaded. And again: the requirements of Type 1 and Type 2 hypervisors are different. Type 1 can work directly with hardware, since there is no host OS below it, while Type 2 has to deal with the host OS.

Further complicating this story is the emergence of new hardware instructions to support and accelerate virtualization. Paravirtualized guests usually cannot take advantage of these instructions, while unmodified guests can. As a result, EC2 seems to be moving away from paravirtualization for their server environments.

What seems to be emerging, though, is a hybrid, as is frequently the case. Xen’s virtualized network and disk interfaces turned out to be a really good idea and improved performance dramatically. So those drivers have now been ported, are available on unmodified operating systems, and are used when they detect they are running inside a virtual machine. You end up with the best of both worlds: the ability to take advantage of hardware virtualization acceleration made possible by full virtualization, plus the improvements to IO and network performance that are inherited from paravirtualization.

I suspect that what I’ve ended up doing is complicating things a bit further—but this stuff is complicated. And now you know a bit more. (Hopefully.)