Virtualization with KVM
KVM is a fairly recent project compared with its competitors. In an interview with Avi Kivity, the main developer, he compared KVM with alternative solutions:
In many ways, VMware is a ground-breaking technology. VMware manages to fully virtualize the notoriously complex x86 architecture using software techniques only, and to achieve very good performance and stability. As a result, VMware is a very large and complex piece of software. KVM, on the other hand, relies on the new hardware virtualization technologies that have appeared recently. As such, it is very small (about 10,000 lines) and relatively simple. Another big difference is that VMware is proprietary, while KVM is open source.
Xen is a fairly large project, providing both paravirtualization and full virtualization. It is designed as a standalone kernel, which only requires Linux to perform I/O. This makes it rather large, as it has its own scheduler, memory manager, timer handling and machine initialization.
KVM, in contrast, uses the standard Linux scheduler, memory management and other services. This allows the KVM developers to concentrate on virtualization, building on the core kernel instead of replacing it.
QEMU is a user-space emulator. It is a fairly amazing project, emulating a variety of guest processors on several host processors, with fairly decent performance. However, the user-space architecture does not allow it to approach native speeds without a kernel accelerator. KVM recognizes the utility of QEMU by using it for I/O hardware emulation. Although KVM is not tied to any particular user space, the QEMU code was too good not to use—so we used it.
KVM, however, is not perfect due to its newness; it has some limitations including the following:
At the time of this writing, KVM supports only Intel and AMD virtualization, whereas Xen supports IBM PowerPC and Itanium as well.
SMP support for hosts is lacking in the current release.
However, the project is continuing at a rapid pace, and according to Avi Kivity, KVM already is further ahead than Xen in some areas and surely will catch up in other areas in the future.
How Virtualization Works
Platform virtualization is an old technology; however, in recent years, the hardware and operating systems have matured to the point of making the promise of virtualization a reality. The most fundamental part of virtualization is the hypervisor. The hypervisor acts as a layer between the virtualized guest operating system and the real hardware. In some cases, the hypervisor is an operating system, such as with Xen; in other cases, it's user-level software, such as VMware. The virtualized guest operating system, or the virtualized instance, is an isolated operating system that views the underlying hardware platform as belonging to it. But, in reality, the hypervisor provides it with this illusion.
Processor Support for Virtualization
Due to the resurgence of interest in virtualization technology, microprocessor manufacturers have updated their processors to have native support for virtualization. Doing so allows the processor to support a hypervisor directly and simplifies the task of writing hypervisors, as is the case with KVM. The processor manages the processor states for the host and guest operating systems, and it also manages the I/O and interrupts on behalf of the virtualized operating system.
KVM has been added to many distribution-specific repositories, including OpenSUSE/SUSE, Fedora 7 (which comes with KVM built-in), Debian and Ubuntu (Feisty).
For other distributions, you need to download a kernel of version 2.6.20 and above. When compiling a custom kernel, select Device Drivers→Virtualization when configuring the kernel, and enable support for hardware-based virtualization. You also can get the KVM module along with the required user-space utilities from sourceforge.net/project/showfiles.php?group_id=180599.
I have installed the OpenSUSE packages; hence, filenames used in the examples in this article may be different from those in your release.
Using the compiled kernel with virtualization support enabled, the next step is to create a disk image for the guest operating system. You do so with qemu-img, as shown below. Note that the size of the image is 6GB, but using QEMU's copy-on-write format (qcow), the file will grow as needed, instead of occupying the full 6GB:
# qemu-img create -f qcow image.img 6G
Instantiation of a new guest operating system is provided by a utility called qemu-kvm. This utility works with the kvm module, using /dev/kvm to load a guest, associate it with the virtual disk (a regular QEMU qcow file in the host operating system), and then boot it. In some distributions this utility may be called kvm.
With your virtual disk created, load the guest operating system into it. The following example assumes that the guest operating system is on a CD-ROM. In addition to populating the virtual disk with the CD-ROM ISO image, you must boot the image when it's done:
# qemu-kvm -m 384 -cdrom guestos.iso -hda image.img -boot d
The I/O in the current release of KVM is handled by QEMU, so let's look at some important QEMU switches:
-m: memory in terms of megabytes.
-cdrom: the file, ideally an ISO image, acts as a CD-ROM drive to the VM. If no cdrom switch is specified, the ide1 master acts as the CD-ROM.
-hda: points to a QEMU copy-on-write image file. For more hard disks we could specify:
#qemu-kvm -m 384 -hda vmdisk1.img -hdb vmdisk2.img -hdc vmdisk3.img
-boot: allows us to customize the boot options; the -d switch boots from the CD-ROM.
The default command starts the guest OS in a subwindow, but you can start in full-screen mode, by passing the following switch:
Additionally, KVM allows low-level control over the hardware of the virtualized environment. You can redirect serial, parallel and USB ports to specific devices by specifying the appropriate switches. Sound in the VM is supported as well, and you can pass your sound card to the VM via the -soundhw switch to enable sound.
The following are some keyboard shortcuts:
Ctrl-Alt-F: toggle full screen.
Ctrl-Alt-N: switch to virtual console N.
Ctrl-Alt: toggle mouse and keyboard.
|diff -u: What's New in Kernel Development||Sep 04, 2015|
|Android Candy: Copay—the Next-Generation Bitcoin Wallet||Sep 03, 2015|
|The True Internet of Things||Sep 02, 2015|
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
- diff -u: What's New in Kernel Development
- Using tshark to Watch and Inspect Network Traffic
- The True Internet of Things
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Concerning Containers' Connections: on Docker Networking
- September 2015 Issue of Linux Journal: HOW-TOs
- Firefox Security Exploit Targets Linux Users and Web Developers
- Android Candy: Copay—the Next-Generation Bitcoin Wallet
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects