The Kernel-based Virtual Machine (KVM) gets a bad rap largely due to misconceptions about whether it’s a Type 1 or Type 2 hypervisor, according to IBM chief virtualization architect Michael Day.
It’s an age-old debate, but the distinction between Type 1 vs. Type 2
“People have drawn conclusions around the performance and security of KVM based on whether it’s Type 1 or Type 2,” said Day, who gave a presentation on KVM myths at last week’s Linux Foundation Collaboration Summit. “Some of IBM’s customers have seen and mentioned the perception that performance is more difficult to achieve, as well as the insinuation out there that it’s less secure if it’s hosted [in an operating system as a Type 2 hypervisor].”
A historical debate
KVM is the virtualization layer in the Linux kernel. Like all server virtualization implementations, it includes an element called a virtual machine (VM) monitor that provides isolation between workloads and translation between physical hardware resources and the virtual hardware presented to applications for consumption.
The distinction between Type 1 and Type 2 hypervisors hinges on the number of times that translation occurs between the VM monitor and the guest operating system. With Type 1, or bare-metal hypervisors, only one translation occurs. Type 2 hypervisors, on the other hand, require a two-layered process that traverses the host OS as well as the VM monitor.
This difference between the two types dates back to a paper called “Formal Requirements for Virtualizable Third Generation Architectures" published in 1974 by Robert Goldberg and Gerald Popek. Today, VMware vSphere, Microsoft Hyper-V and the Xen hypervisor (offered both as open source and as a product from Citrix Systems Inc. called XenServer) are considered by many to be Type 1 hypervisors, while products such as OSX's Parallels, VMware Workstation, and Oracle VM VirtualBox are usually agreed upon to be Type 2.
Confusion and debate over KVM’s classification have arisen in part because it is now a part of the Linux OS. For example, in 2009, Andi Mann, then an analyst with Enterprise Management associates, wrote in a Xen vs. KVM faceoff that “whether KVM is 'Type 1' or 'Type 2' is mostly semantic.”
However, Mann argued at the time, “Xen is run and managed at a lower level (ring 0), even for new virtual machine creation, and guests do not share memory blocks, CPU instructions or any of the underlying (albeit occasionally de-privileged) Linux operating system like KVM does. This means KVM suffers performance, latency, security, scalability, isolation and other issues that do not affect a true bare-metal hypervisor.”
IBM’s Day begs to differ. In his view, KVM fits the definition of a Type 1 hypervisor for two reasons: One, it runs in kernel mode on bare metal and uses a hardware virtualizer. Two, KVM guests spend almost all their time running in direct execution mode, which is another criterion for a Type 1 hypervisor as originally defined by Goldberg.
“The interesting thing is that Goldberg abandoned the Type 1 vs. Type 2 distinction in his further papers,” Day added. “Now it’s become resurrected, and there’s a lot of blogging and so forth classifying Type 1 and Type 2 hypervisors.”
Today’s Type 2 hypervisors don’t match those early criteria, either, because hardware and OSes have both changed so much since they were written.
Type 1 vs. Type 2 not top priority
Virtualization pros say the distinction between Type 1 and Type 2 hypervisors remains significant when considering products.
“It's important [in] that I just don't have more work to do,” said Bob Plankers, a virtualization architect for a large Midwestern university. “If you're a Type 2 hypervisor you make more work for me because I have to maintain the underlying OS as well as the hypervisor. If you are a Type 1 hypervisor you are everything rolled into one, and it's all taken care of simultaneously.”
However, Plankers’ primary virtualization product is VMware vSphere, which has several years’ jump on competitors, including KVM, when it comes to advanced features for virtualization management and cloud computing.
“For me it comes down to support and compatibility for KVM,” Plankers said. “Everybody knows VMware, and VMware goes to great lengths to work with everybody. They have support for lots of hardware, and [there is] lots of software support being run under VMware virtualization… KVM isn't as mature, and definitely doesn't have the same magnitude of supported hardware.”
Jean Staten, IBM director of Linux, said in a statement emailed through a spokesperson that “based on client feedback, the Type 1 and Type 2 discussion is not a gating issue for adoption.” Staten added that “KVM adoption is a very logical choice for clients who are beginning to focus on virtualizing their data center today,” however, “those clients who are already locked in with a proprietary hypervisor may find switching a bit more challenging, and therefore, may need time to fit it into their overall data center strategy.”
Beth Pariseau is a senior news writer for SearchServerVirtualization.com. Write to her at firstname.lastname@example.org.