The process of creating virtual machines to run on top of a host is known as virtualization. The host computer's hardware runs the host operating system. Virtualization software runs within the host operating system and allocates resources for each guest. Each guest has its own operating system and its own set of any libraries and binary files required to run the desired applications. The guest OS behaves just like a physical computer that is equipped with the processing power, memory, storage space and other computing resources assigned to it.
There are two types of virtual machines: process virtual machines and system virtual machines. The key difference between these is their size and intended use case.
What is a process virtual machine?
A process virtual machine is a specialized VM designed to allow a single process to run as an application on the host. One common example of this is the Java Virtual Machine. Applications written in Java are platform-agnostic and can run on any hardware and operating system that supports the Java VM. Rather than developers having to worry about hardware and operating system compatibility, they simply write for the Java VM, which takes care of any host-specific issues and enables Java code to run on any supported operating system as if it were written natively for that OS.
What is a system virtual machine?
System virtual machines are a larger-scale form of virtualization. A system VM is a full replica of a physical machine. It's possible to run several VMs on a powerful host computer, with each guest running its own operating system. To do this, the host must run a hypervisor.
Some hypervisor software runs on top of a host OS. These are known as Type 2 hypervisors and offer convenience and usability at the expense of some latency and additional resource consumption. Other solutions can run directly on the host's hardware, or “bare metal”. This kind of hypervisor is known as a Type 1 hypervisor. Because Type 1 hypervisors run directly on the host hardware, they are a low-latency, high performance solution and are popular in enterprise environments where efficient use of resources is essential.
Hypervisors allow each machine to run independently, dynamically allocating memory, network throughput, storage and processor resources, while isolating the guest VMs from each other to prevent security issues.
Hypervisors make it easy to spin up new virtual machines as needed and allow for efficient use of the host hardware. Virtual machine images made for a specific hypervisor such as VMware ESXi or Oracle VM VirtualBox are highly portable in that they can be deployed to any hardware that supports the hypervisor software and has sufficient system resources available. This portability, combined with the power of replication software, makes virtualization an important part of any business continuity plan. Veeam Backup and Replication can be used to manage on-premises and cloud-hosted virtual machines, protecting your organization's data and helping you get back up and running quickly in the event of an outage or hardware failure.
Virtual machines have many use cases, including:
Virtual machines have several key benefits. They make it possible to run multiple operating system environments on one device. This makes them an inexpensive and efficient way to spin up multiple servers, test application builds on a variety of different OS configurations or run a legacy application. For example, a company that relies on a customer account system that was written for a very old version of Windows can provide a VM containing that application instead of having dedicated older hardware to run the software on.
The hypervisor provides a sandboxed environment for each guest. This makes VMs useful from a security perspective because the guests don't have direct access to each other's filesystems or memory. If a virus infects a virtual machine, any damage should be contained. If a virtual machine crashes due to a misbehaving program, the host and other VMs should be unaffected.
Another useful feature of virtual machines is the ease with which they can be backed up, moved and recovered. Taking backups of a virtual machine is just a matter of backing up the configuration files and disk image. In a disaster recovery scenario, restoring those files to a new host and powering the VMs back on allows an organization to get back up and running more easily. Because virtual machines are hardware independent, the backups can be restored to any server that has adequate resources to run that guest.
The sandboxed, highly portable nature of virtual machines does come at a cost, however. Each guest VM runs a full copy of the operating system. Running multiple virtual machines on one physical server may cause stability issues if the server is not powerful enough. Depending on the intended use of the VMs, there may be a more efficient way to achieve your goals, such as containers.
Containers are a form of virtualization technology that share many similarities with virtual machines but serve a slightly different purpose. Where virtual machines simulate an entire machine, including the OS and hardware layer, containers virtualize only the software layers that run on top of the operating system. The IEEE describes containers as a lightweight alternative to virtual machines.
While virtual machines run on top of a hypervisor that may run either directly on top of the hardware or within an operating system, containers run in a container engine. Each container will have its own copies of any binaries and libraries required to run the software it contains, but the container does not need its own copies of the operating system. The containers share the hardware they're running on, although they'll have restricted access to the filesystem.
Popular container management software includes Docker, Google Kubernetes Engine, LXC and Portainer. Containers are often used on cloud computing platforms as a way of quickly deploying everything needed to run a script or microservice.
Some benefits of containers include:
The downsides of containers are:
The question of container security is a complex one, and properly configured containers offer robust security. Applications in containers are isolated from each other, making them more secure than running the individual applications directly on the host machine. In addition, each container has a smaller attack surface than a full-blown VM. Some containers are stateless, so each time they're started the container is a "clean slate" with the same configuration. Stateless containers are useful for certain kinds of microservices, and the lack of persistent storage can be seen as a security feature in some situations.
However, stateless containers are not well-suited to running more complex services, or services where being able to preserve the application's state when recovering from an outage is important. In addition, containers share an operating system, so if a container is compromised, the attacker has the opportunity to compromise other containers running on the same machine. With virtual machines, the hypervisor isolates each guest, so an attacker who compromises one VM should not be able to use that access to compromise other VMs on the same host.
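What "properly configured" means in practice can be checked from `docker inspect` output. The following is an added example, not part of the original article: it audits the inspect JSON for settings that weaken a container's isolation from the shared host operating system. The two container entries and the list of sensitive host paths are constructed for illustration.

```python
import json

# Constructed `docker inspect` output for two hypothetical containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web", "Config": {"User": "1000"},
   "HostConfig": {"Privileged": false, "ReadonlyRootfs": true, "PidMode": "",
                  "NetworkMode": "bridge", "CapAdd": null,
                  "Binds": ["/srv/web/static:/usr/share/static:ro"]}},
  {"Name": "/legacy-agent", "Config": {"User": ""},
   "HostConfig": {"Privileged": true, "ReadonlyRootfs": false, "PidMode": "host",
                  "NetworkMode": "host", "CapAdd": ["SYS_ADMIN"],
                  "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}}
]
""")

# Assumed list of host paths that should never be bind-mounted into a container.
SENSITIVE_HOST_PATHS = ("/", "/etc", "/proc", "/sys", "/var/run/docker.sock")


def audit_container(entry):
    """Return findings that weaken isolation from the shared host OS."""
    host = entry.get("HostConfig", {})
    findings = []
    if host.get("Privileged"):
        findings.append("privileged mode: near-full access to host kernel and devices")
    if host.get("PidMode") == "host":
        findings.append("shares the host PID namespace")
    if host.get("NetworkMode") == "host":
        findings.append("shares the host network namespace")
    for cap in host.get("CapAdd") or []:
        findings.append(f"extra capability added: {cap}")
    for bind in host.get("Binds") or []:
        source = bind.split(":")[0]
        if source in SENSITIVE_HOST_PATHS:
            findings.append(f"bind mount of sensitive host path {source}")
    if not host.get("ReadonlyRootfs"):
        findings.append("root filesystem is writable")
    if entry.get("Config", {}).get("User", "") in ("", "0", "root"):
        findings.append("process runs as root inside the container")
    return findings


def audit(inspect_data):
    """Map container name -> list of findings for every inspected container."""
    return {e["Name"].lstrip("/"): audit_container(e) for e in inspect_data}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "OK" if not findings else findings)
```

On a real host, the same functions can be fed the parsed output of `docker inspect` for the running containers.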
When to choose containers vs. VMs
In general, it's a good idea to use virtual machines if you need to run multiple operating systems on a single machine, or need to be able to take snapshots of the machine in different states for backup purposes. Having ready-to-deploy virtual machines makes it easy to scale your operating system, and can be beneficial from a disaster recovery point of view.
Containers are useful for deploying smaller microservices, or as part of a DevOps pipeline. In an article for EPR Today, Daniel Riedel explains the difference in philosophy as "pets vs cattle". Containers are cattle, to be treated as commodities and spun up on demand, while monolithic services are more likely to run in VMs, and be tended carefully, much like pets.
Some popular virtual machine software includes:
The process for setting up a virtual machine will differ depending on the virtualization software used. Tools such as VMware and Oracle VM VirtualBox offer guided setups to help users configure the hardware and install the operating system for the VM via a graphical user interface (GUI). As a cloud-based solution, Azure's range of Dedicated and Spot VMs also offer relatively easy setup options.
Configuring a Linux KVM via the command line requires a more in-depth knowledge of networking and the machine's hardware. Tools such as Kimchi and Proxmox make it easier for systems administrators to manage deployments of multiple virtual machines on a single host.
Some important considerations when configuring a virtual machine are:
If you already have a physical machine configured the way you'd like your VM to be, it's possible to create a copy of that physical machine's hard drive as a Hyper-V virtual machine disk, using what's known as physical to virtual (P2V) conversion. Once you've made a copy of the drive, it can be loaded into a virtual machine configured with the same sort of hardware virtualization and spun up as needed. You can then protect the virtual machine's data by running virtual backups with Veeam.
Once the virtual machine is set up, it can be run from within the host OS as if it were another application. The VM can then either be controlled via the host's keyboard and mouse or over SSH/remote KVM if the server is running in headless mode.
If you'd like to know more about Veeam's virtual machine backup solutions and how we can help you protect your data, why not try Veeam Backup and Replication for yourself? Download a free trial today.