Virtualization & Segmentation


One key change in the industry since the launch of Linux 2.6 has been the mainstream adoption of virtualization. This technology allows for the creation of virtual machines such that a Linux user is able to run another copy of Linux or even Microsoft Windows “in a window” on their desktop. Virtualization is not just a desktop technology: large organizations use virtualization to keep down hardware costs and reduce downtime due to system failures. Linux 3.0 significantly improves support for virtualization, both as a client and as a server.


The largest change in this area is the addition of the Kernel-based Virtual Machine (KVM) system. This built-in virtualization allows most Linux systems to run multiple operating systems without the need for commercial software or for booting an alternative kernel first. KVM also supports paravirtualization, which lets Linux-on-Linux guests run more efficiently by not abstracting or emulating all aspects of the underlying hardware, and advanced memory deduplication across virtual hosts. Normally, each virtual machine on a system has its own memory space, which is not shared. If there are several copies of Windows 7 running, for example, there will be several copies of the Windows core features in memory at the same time. Memory deduplication allows Linux and KVM to host more virtual machines than you have physical memory for, by intelligently identifying areas which are identical between multiple virtual machines and storing them only once. This enables significant cost savings in many virtualization environments.


In addition to acting as its own virtual machine manager, or hypervisor, Linux has made improvements to allow it to run better inside of others' virtual machines. On the open source side, this includes full support for running (in para- or fully-virtualized mode) on top of the Xen hypervisor. But Linux also has improved support for running on top of commercial virtualization systems such as VMware, including optimized network, storage, and graphics drivers. Linux even supports modifying the amount of memory in a VMware virtual machine on the fly.


Closely related is the thinner Linux-on-Linux virtualization supported by open source products such as OpenVZ. In these systems, the virtual server simply runs as a locked-down process on the host server, without having the overhead of a more complete implementation. In this regard, Linux now supports multiple groupings and namespaces for elements like processors, process IDs, and many others. The groupings allow something akin to process quotas for I/O and processor activity: you can lock down a specific amount of processing to always be given to a set of processes while loading everything else as normal. The multiple namespaces mean that those processes can even see different views of the “local” system, such as different mount points, and can be prevented from seeing processes outside their group.
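
The namespace separation described above can be checked from the host by comparing the entries under /proc/<pid>/ns. The following is an added example, not part of the original article; it assumes a kernel that exposes that interface, and the sample link values and function names are constructed for illustration.

```python
import os
import re

# Each /proc/<pid>/ns/<name> symlink reads like "pid:[4026531836]".
NS_LINK = re.compile(r"^[a-z_]+:\[(\d+)\]$")

# Constructed sample values (not captured from a real system).
HOST_SAMPLE = {"mnt": "mnt:[4026531840]", "pid": "pid:[4026531836]",
               "net": "net:[4026531992]", "uts": "uts:[4026531838]"}
GUEST_SAMPLE = {"mnt": "mnt:[4026532201]", "pid": "pid:[4026532204]",
                "net": "net:[4026531992]", "uts": "uts:[4026532202]"}

def parse_ns_links(links):
    """Turn {name: link target} into {name: namespace inode number}."""
    table = {}
    for name, target in links.items():
        match = NS_LINK.match(target)
        if match is None:
            raise ValueError(f"unexpected namespace link: {target!r}")
        table[name] = int(match.group(1))
    return table

def read_ns(pid):
    """Read the live links for one PID (Linux only, needs permission)."""
    base = f"/proc/{pid}/ns"
    return parse_ns_links({n: os.readlink(os.path.join(base, n))
                           for n in os.listdir(base)})

def compare(host, guest):
    """Return (isolated, shared) namespace names present in both tables."""
    common = sorted(set(host) & set(guest))
    isolated = [n for n in common if host[n] != guest[n]]
    shared = [n for n in common if host[n] == guest[n]]
    return isolated, shared

def missing_isolation(host, guest, required=("mnt", "pid", "net")):
    """List required namespaces the guest still shares with the host."""
    return [n for n in required if n in host and host.get(n) == guest.get(n)]

if __name__ == "__main__":
    host, guest = parse_ns_links(HOST_SAMPLE), parse_ns_links(GUEST_SAMPLE)
    isolated, shared = compare(host, guest)
    print("isolated:", isolated)
    print("shared:  ", shared)
    print("required but shared:", missing_isolation(host, guest))
```

On a live system, `compare(read_ns(1), read_ns(pid))` performs the same check against PID 1, given permission to read both /proc entries.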


Linux 3.0's improved support for virtualization even extends to hardware as Linux supports the I/O Virtualization standard used in some PCI Express devices. With compatible hardware, a specific physical device such as a network card can appear under Linux as several devices, each of which can be assigned to processes or virtual machines. While this can already be accomplished in software, Linux's ability to do this directly on compatible hardware makes it a great choice for server virtualization.

