A virtual machine is, generally, an isolated abstraction from a "real" machine. For example, Java software runs in a JVM (Java Virtual Machine), where all Java commands are translated into commands the host operating system understands, whether the host operating system is running on a mobile phone, a desktop computer, or some other form of hardware. However, in the CSL, we usually refer to a virtual machine as some operating system instance (the machine, usually referred to as the guest) that is running in a virtual environment. This virtual environment is more hardware-independent than a traditional server setup, where the installation is customized to the physical hardware. There are three main types of virtualization covered here: software-emulated virtualization, hardware-assisted virtualization, and paravirtualization.
Types of Virtualization
Software-emulated virtualization is used by companies such as VMware to fully emulate real hardware, making the virtual environment appear to the guest operating system to be an actual computer. This emulation technique often incurs a heavy decrease in the performance of the virtual machine. However, this method of virtualization does not require any changes to the guest operating system, meaning that legacy systems that are not aware of virtualization can be run in a virtualized environment. This technique can also allow an operating system built for one architecture to run on another architecture.
For hardware-assisted virtualization, Intel and AMD have added extensions to the x86 architecture, Intel VT or IVT (previously Vanderpool) and AMD-V (previously Pacifica) respectively, that allow an unmodified guest operating system to be run in a virtualized environment without many of the costly emulation issues of software-emulated virtualization. These extensions are only present on newer processors.
Sun's UltraSPARC T series processors support a similar capability, known as LDOMs.
Paravirtualization is a virtualization technique that requires the modification of the guest operating system, but allows virtualization without the performance penalty on hardware that may not have the x86 extensions necessary for hardware-assisted virtualization.
In the CSL
The CSL primarily uses paravirtualization on its x86 servers. The three older HP servers (fiordland, royal, and mage) do not have the x86 extensions necessary for hardware-assisted virtualization, so if we were to use hardware-assisted virtualization, our virtual machines would only be able to run on a subset of our servers. We use Xen as our virtualization platform. For more information on our configuration, please see the Virtual Machine Cluster page.
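As an added example (not part of the original page or the CSL's own tooling), the script below shows how to tell whether a host has the Intel VT or AMD-V extensions, and therefore which guest types it can run. It assumes the Linux /proc/cpuinfo format as seen on a bare-metal kernel, where Intel VT appears as the vmx flag and AMD-V as the svm flag; the function names and the sample cpuinfo files are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a host's virtualization support from cpuinfo text.
# Linux reports Intel VT as the "vmx" CPU flag and AMD-V as the "svm" flag.

# virt_support FILE -> prints "intel-vt", "amd-v", or "none"
virt_support() {
    # First "flags" line only; every core on one host normally reports the same set.
    flags=$(grep -m1 '^flags' "$1" | cut -d: -f2)
    # Compare whole words so related flags such as svm_lock do not count.
    for f in $flags; do
        case "$f" in
            vmx) echo "intel-vt"; return 0 ;;
            svm) echo "amd-v";    return 0 ;;
        esac
    done
    echo "none"
}

# placement_options FILE -> which guest types the host can run
placement_options() {
    case "$(virt_support "$1")" in
        none) echo "paravirtualized guests only" ;;
        *)    echo "paravirtualized and hardware-assisted guests" ;;
    esac
}

# Constructed sample inputs standing in for /proc/cpuinfo on three hosts.
tmp=$(mktemp -d)
printf 'processor\t: 0\nflags\t\t: fpu vme de pse msr pae vmx est\n' > "$tmp/newer-intel"
printf 'processor\t: 0\nflags\t\t: fpu vme de pse msr pae svm lm\n'  > "$tmp/newer-amd"
printf 'processor\t: 0\nflags\t\t: fpu vme de pse msr pae lm\n'      > "$tmp/older"

for h in newer-intel newer-amd older; do
    echo "$h: $(placement_options "$tmp/$h")"
done
```

On a real host, pass /proc/cpuinfo as the file argument. A host that reports "none" can still run paravirtualized guests, which is why a paravirtualized setup is not limited to a subset of the servers.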
Separation of Software
One of the hallmarks of the original Unix design is to have a particular piece of software do one thing, and do it well. Extending this to servers, we are able to separate almost every service into separate virtual machines. This serves two primary purposes. First, if a service is ever compromised, that is the only service that is compromised. Second, when a piece of software needs to be upgraded, or is broken and needs to be fixed, the machine can be safely upgraded without worrying about breaking other software installed on the system.
Because the guest operating system lives in an abstraction of the real hardware environment, the operating system can be moved between physical systems without reinstalling or reconfiguring the system for the new hardware. For example, if we were to get a new server, it is rather easy to move virtual machines from our old servers to the new server. Another benefit is live migration, or VMotion in the VMware world. With live migration, if both servers can access the storage medium on which the virtual machine is stored, the guest can actually move between the machines while it is running. This is useful if a machine needs to be shut down for maintenance. In this case, the virtual machines can be moved to another physical server, allowing the original server to be shut down without any service downtime. Not all virtualization technologies support this feature, and in the VMware world, the capability comes at a premium.
Virtual machines are easier to manage in the event of a problem, because the "hardware" of the virtual machine is still accessible. If a machine will not boot, the problem can be fixed without physical access to the server. If a virtual machine is shut down, its filesystem can be mounted and modified if needed. While a virtual machine is running, it is possible to connect to the console of the virtual machine, allowing "physical" access to the server remotely without an expensive piece of hardware for the machine. The "hardware" of the virtual machine can be changed as needed. New network cards, more hard disk space, or more memory can be added to a virtual machine by editing the configuration. It is even possible to add more processors, although adding more processors than are present on the physical host will not result in a speed increase.