January 25, 2008
OS Co-Location is NOT Virtualization!
I'm sure you've all seen this phenomenon, which I'll call everything-is-a-taco. Assume that for some reason tacos are suddenly very popular. The next thing that happens is that any sort of fast food starts being marketed as a taco—you get hamburgers that look and taste like tacos, pizzas that look and taste like tacos and salads called taco fiesta... you get the picture.
Similar things happen in the high-tech world. System virtualization is a big thing these days in the enterprise world; everybody seems to be into it. Well, at least the term is usually applied correctly.
Not so outside the enterprise space. Virtualization for embedded systems is receiving increasing attention, and the everything-is-a-taco phenomenon is clearly there. Some people are spreading confusion by calling a hamburger a taco.
Let me explain. As I have discussed in a recent white paper, a core characteristic of virtualization is that it provides multiple virtual machines, each of them looking like a real machine. The virtual-machine monitor, or hypervisor, creates this illusion by controlling all system resources. The virtual machines only get to see virtual resources, and the hypervisor controls how these are mapped to physical resources.
This separation of resources is behind the popularity of virtualization: it strongly isolates virtual machines from each other. It is what enables all the cool uses of virtual machines in the enterprise space, such as server consolidation, load balancing though life migration, firewalling off applications which are at risk of being compromised, etc, etc. Isolation in a virtual machine environment is not optional, it is inherent.
Would someone get away with marketing as "virtualization" a setup where several operating systems (say Linux and Windows) are intermingled on the same processor, each running in kernel mode with full access to all physical memory? Where each bug in one OS would take down all the others? Would they not rather get laughed out of the room suggesting this approach? Such a setup would be properly called "OS co-location". Have you ever heard of it in the enterprise marketplace? Or seen it sold as "virtualization"? Of course, not, because it wouldn't be of much use.
Yet exactly this is happening in embedded systems, where some vendors are brazenly selling OS co-location as virtualization. It is not. Virtual-machine isolation is not optional, it's inherent. A hamburger is not a taco, and OS co-location is not virtualization, if anything it's pseudo-virtualization.
And why would you want it, if you can have embedded virtualization technology, such as OKL4, that gives you real virtualization at negligible overhead? I have never seen a use case where pseudo-virtualization has any real benefit over virtualization.
Posted by Gernot Heiser on January 25 at 03:15 PM
About Gernot Heiser:
Gernot Heiser, Chief Technology Officer, never thought he would be in the business world. Prior to NICTA's creation in 2003, Dr Heiser was a full-time faculty member at the University of New South Wales. However, this die-hard academic couldn’t pass up the opportunity to see the commercialization of this research. Gernot still loves teaching, almost as much as he loves good wine and good food. And anyone will tell you that Gernot knows his wine.