by Matt Gillespie
Overview
Intel® Virtualization Technology enhances the reliability, supportability, security, and flexibility of software-only virtualization solutions. These silicon advances represent a quantum leap forward, removing overhead and supporting a variety of operating systems.
Intel Virtualization Technology is a set of silicon-based capabilities that enhance software-only virtualization solutions. These virtualization solutions allow multiple operating systems and associated applications to work in individual partitions simultaneously. Thus, a single physical system is able to function as a number of logical virtual systems. Intel's hardware technology, Intel Virtualization Technology, improves on existing software-only virtualization solutions by enhancing the reliability, supportability, security, and flexibility of virtualization solutions. These silicon advances represent a quantum leap forward - by removing overhead associated with software-based virtual machines and supporting a far broader variety of operating systems.
As part of the development of the technology, Intel has been working with leading virtual machine monitor (VMM) vendors in order to solicit technical input and to help enable those vendors to adopt and support the technology. This should help to ensure rapid adoption in the marketplace. This technology, code-named Vanderpool, should be released in desktop platforms by the end of 2005, and in server and mobile platforms in 2006.
The Benefits of Virtualization
By operating a number of virtual machines on a single server, IT managers can consolidate various environments on a smaller number of machines than would otherwise be possible. For instance, many enterprises maintain dedicated legacy or otherwise non-standard environments for applications that are not compatible with the operating system in use by the majority of the enterprise. That requirement often requires dedicated hardware, adding equipment and maintenance expense to often-strained operating budgets. Intel Virtualization Technology removes the requirement for such single-use hardware, making more-efficient use of resources. Likewise, virtualization can allow a dedicated failover partition to provide systems redundancy without requiring additional hardware. Moreover, virtualization provides robust security support by allowing administrators to configure different security settings as needed on each container.
In the desktop space, Intel Virtualization Technology allows the configuration of separate builds for different uses on the same machine. For instance, IT departments could set up end-user systems with an isolated partition that performs upgrades and maintenance in the background. They might even set up separate work and personal environments on user machines, with different user permissions assigned to each environment with which to install software and otherwise control the system. Such configuration could, for example, isolate virus and spyware attacks from corporate resources while also increasing flexibility. It is similarly possible to run an Internet-connected partition under limited rights to protect against external attacks, while also running a separate virtual machine as Administrator, providing the ability to perform restricted tasks on the system.
Limitations of Software-Only Virtualization Solutions
While software-only virtualization solutions offer tremendous benefits to IT departments and end-users alike, they also have significant limitations. The 'guest' operating systems each communicate with the hardware largely through the Virtual Machine Monitor (VMM), which must arbitrate that access for all of the virtual machines on the system. (Note, however, that much of the access to the processor and memory is independent of the VMM, and the VMM will only get involved when certain events happen, such as a page fault.) In a software-only virtualization solution, the VMM runs in the space in the software stack where the operating system would conventionally be, and the operating system runs in the space where applications would conventionally run.
This extra layer of communication requires binary translation to occur, in order to emulate the hardware environment by providing interfaces to physical resources such as processors, memory, storage, graphics cards, and network adapters. That translation necessarily adds to system complexity. Moreover, support for guest operating systems is limited by the capabilities of virtual-machine environments, which hampers the deployment of certain technologies, such as 64-bit guest operating systems. The added complexity of the software stack under software-only solutions means that these environments are complex to administer, which adds to the difficulty of assuring reliability and security in the systems.
The Hardware Virtualization Advantage
Intel Virtualization Technology provides silicon-based functionality that works together with compatible VMM software to improve upon software-only solutions. Because this virtualization hardware provides a new architecture upon which the operating system can run directly, it removes the need for binary translation. Thus, it eliminates associated performance overhead and vastly simplifies the design of the VMM, in turn allowing VMMs to be written to common standards and to be more robust.
These advantages increase supportability of the overall virtual-machine solution. VMMs running under Intel Virtualization Technology can be fully validated on the hardware, including certification that they execute directly using the architecture's full instruction set.
The range of operating systems supported by VMMs under Intel Virtualization Technology will be broader than what is currently available from software-only VMM solutions. For example, the current lack of support for 64-bit guest operating systems under software-only VMMs will be an increasingly significant shortcoming, as the deployment of Intel® EM64T and Itanium® processors continues to expand. Virtual-machine technology based on Intel Virtualization Technology will support 64-bit guest operating systems, in addition to supporting a wide range of legacy operating systems, including many Linux distributions.
Intel Virtualization Technology will provide the basis for a rich ecosystem of virtualization solutions that encompass both server and desktop environments. These hardware-assisted virtualizati on solutions will extend the capabilities of powerful compute engines to handle multiple, disparate roles simultaneously. They will provide headroom for the next generation of server consolidations and fail-safe operation, and they will also provide heightened availability and security for desktop and mobile client platforms.
Learn More about Intel Virtualization Technology
The Intel® Virtualization Technology Web site provides in-depth information about the specifications and technologies associated with virtualization from Intel.
The article Enhanced Virtualization on Intel® Architecture-Based Servers demonstrates how virtualization technology helps derive better value from IT investments.
The Virtualization Web site from the Intel Business/Enterprise organization provides theoretical and practical information about using virtualization to manage systems and applications.
About the Author
Matt Gillespie is an independent technical author and editor working out of the Chicago area and specializing in emerging hardware and software technologies. Before going into business for himself, Matt developed training for software developers at Intel Corporation and worked in Internet Technical Services at California Federal Bank. He spent his early years as a writer and editor in the fields of financial publishing and neuroscience.