Virtualization

• Desktop Virtualization, VDI

VDI or Virtual Desktop Infrastructure refers to the process of running a user desktop inside a virtual machine that lives on a server in the datacenter. It’s a powerful form of desktop virtualization because it enables fully personalized desktops for each user with all the security and simplicity of centralized management.

http://www.citrix.com/virtualization/vdi.html

• virtualization

multiple operating systems on one physical machine
virtual guest machines exist as a file
memory management
availability for disaster recovery
hot migration: move guest opsys to new hw while running
provisioning:creating new servers easy and quick with templates
why virtualize? cost savings,better resource utilization

• virtual machine monitor (VMM)

A virtual machine monitor (VMM) is a host program that allows a single computer to support multiple, identical execution environments. All the users see their systems as self-contained computers isolated from other users, even though every user is served by the same machine.
http://searchservervirtualization.techtarget.com/definition/virtual-machine-monitor


What is a VMM?
A VMM virtualizes an entire physical machine
Interface supported is the hardware
OS defines a higher-level interface
VMM provides the illusion  that software has full control over the hardware (of course, VMM is in control)
VMM “applications” run in virtual machines (c.f., OS processes)

Implications
You can boot an operating system in a virtual machine
Run multiple instances of an OS on same physical machine
Run different OSes simultaneously on the same machine
Linux on Windows, Windows on Mac, etc.
https://www.cs.cmu.edu/~dga/15-440/F10/lectures/vm-ucsd.pdf

• Paravirtualization

paravirtualization is a virtualization technique that presents a software interface to virtual machines that is similar, but not identical to that of the underlying hardware.
The paravirtualization provides specially defined 'hooks' to allow the guest(s) and host to request and acknowledge these tasks, which would otherwise be executed in the virtual domain (where execution performance is worse). A successful paravirtualized platform may allow the virtual machine monitor (VMM) to be simpler (by relocating execution of critical tasks from the virtual domain to the host domain), and/or reduce the overall performance degradation of machine-execution inside the virtual-guest.
https://en.wikipedia.org/wiki/Paravirtualization

• Paravirtualization is virtualization in which the guest operating system (the one being virtualized) is aware that it is a guest and accordingly has drivers that, instead of issuing hardware commands, simply issue commands directly to the host operating system. This also includes memory and thread management as well, which usually require unavailable privileged instructions in the processor.

Full Virtualization is virtualization in which the guest operating system is unaware that it is in a virtualized environment, and therefore hardware is virtualized by the host operating system so that the guest can issue commands to what it thinks is actual hardware, but really are just simulated hardware devices created by the host.

Hardware Assisted Virtualization is a type of Full Virtualization where the microprocessor architecture has special instructions to aid the virtualization of hardware. These instructions might allow a virtual context to be setup so that the guest can execute privileged instructions directly on the processor without affecting the host. Such a feature set is often called a Hypervisor. If said instructions do not exist, Full Virtualization is still possible, however it must be done via software techniques such as Dynamic Recompilation where the host recompiles on the fly privileged instructions in the guest to be able to run in a non-privileged way on the host.

There is also a combination of Para Virtualization and Full Virtualization called Hybrid Virtualization where parts of the guest operating system use paravirtualization for certain hardware drivers, and the host uses full virtualization for other features. This often produces superior performance on the guest without the need for the guest to be completely paravirtualized. An example of this: The guest uses full virtualization for privileged instructions in the kernel but paravirtualization for IO requests using a special driver in the guest.
http://stackoverflow.com/questions/21462581/what-is-the-difference-between-full-para-and-hardware-assisted-virtualiazation

• Desktop virtualization

Desktop virtualization can be used in conjunction with application virtualization and (Windows) user profile management systems, now termed "user virtualization," to provide a comprehensive desktop environment management system. In this mode, all the components of the desktop are virtualized, which allows for a highly flexible and much more secure desktop delivery model. In addition, this approach supports a more complete desktop disaster recovery strategy as all components are essentially saved in the data center and backed up through traditional redundant maintenance systems. If a user's device or hardware is lost, the restore is much more straightforward and simple, because basically all the components will be present at login from another device. In addition, because no data is saved to the user's device, if that device is lost, there is much less chance that any critical data can be retrieved and compromised



    1.1 Remote desktop virtualization
        1.1.1 Virtual desktop infrastructure
        1.1.2 Remote desktop services
    1.2 Application virtualization
    1.3 User virtualization
    1.4 Layering
        1.4.1 Desktop as a Service
    1.5 Local desktop virtualization

   
    Remote desktop virtualization
    Remote desktop virtualization implementations operate as a client/server computing environment
   
    Virtual desktop infrastructure
    Virtual Desktop Infrastructure (VDI) is a desktop-centric service that hosts user desktop environments on remote servers and/or blade PCs, which are accessed over a network using a remote display protocol.
   
    Remote desktop services
    Remote Desktop Services (also called terminal services, server based computing, and presentation virtualization) is a component of Microsoft Windows that allows a user to access applications and data on a remote computer over a network using a remote display protocol. Another leading example of presentation virtualization is Citrix XenApp.
   
    Application virtualization
    Application virtualization improves delivery and compatibility of applications by encapsulating them from the underlying operating system on which they are executed.Examples of enterprise application virtualization software include Citrix XenApp, Microsoft App-V and VMware ThinApp.
   
    User virtualization
    User virtualization separates all of the software aspects that define a user’s personality on a device from the operating system and applications to be managed independently and applied to a desktop as needed without the need for scripting, group policies, or use of roaming profiles
   
    Layering
    Desktop layering is a method of desktop virtualization that divides a disk image into logical parts to be managed individually. For example, if all members of a user group use the same OS, then the core OS only needs to be backed up once for the entire environment who share this layer
   
    Local desktop virtualization
    Local desktop virtualization implementations run the desktop environment on the client device using hardware virtualization or emulation
   
http://en.wikipedia.org/wiki/Desktop_virtualization 

• Virtualization

Virtualization of desktops and applications, with the simple architecture built on a terminal server and thin client with low power consumption, takes increasingly more popularity through either big or small business.
Users don't see the difference between customary computer and terminal, on the contrary all applications usually run faster than on PC.
All work operations are accomplished on server
Thin clients are allotted the role of input/output data device and can be presented not only by low power consumption devices, but also by ordinary net/notebooks.
Desktop virtualization offers an economic gain for business and a number of advantages for users working with corporative information

More security for corporate data
New work place within 10 minutes
Centralized administration
Less investments in IT infrastructure
Decrease in aggregate value
Fewer expenses on upgrades
Energy saving
http://hardpoint.eu/virtualization 

• A hypervisor is a thin software layer that intercepts operating system calls to the hardware.

It is also called as the Virtual Machine Monitor (VMM).
Hypervisors are two types:
    Native of Bare Metal Hypervisor and
    Hosted Hypervisor
 
Native or Bare Metal Hypervisor

Native hypervisors are software systems that run directly on the host's hardware to control the hardware and to monitor the Guest Operating Systems.
The guest operating system runs on a separate level above the hypervisor.
Examples of this virtual machine architecture are Oracle VM, Microsoft Hyper-V, VMWare ESX and Xen.


Hosted Hypervisor

Hosted hypervisors are designed to run within a traditional operating system.
In other words, a hosted hypervisor adds a distinct software layer on top of the host operating system.
While, the guest operating system becomes a third software level above the hardware.
A well-known example of a hosted hypervisor is Oracle VM VirtualBox. Others include VMWare Server and Workstation, Microsoft Virtual PC, KVM, QEMU and Parallels
https://www.tutorialspoint.com/virtualization2.0/virtualization2.0_overview.htm

• Bare Metal Server

Bare metal is a single tenant server. This means only you are taking the resources of the server. The server belongs to you and you only. Compared to the cloud model where multiple users (multi-tenancy) reside on the same physical server, the bare-metal server only has one customer on the server
A hypervisor is an operating system that can create virtual machines (VM) within a bare-metal server.

a traditional bare-metal server. The operating system (CentOS, Debian, Redhat, SUSE, Ubuntu, Windows Server, etc.) is installed directly on the server, and applications are running natively in the operating system

a bare-metal server installed with a hypervisor provides the user with a management suite to create virtual machines on the server. The hypervisor should not run applications natively; rather, its purpose is to virtualize your workloads into separate virtual machines to gain the flexibility and reliability of virtualization.
http://www.inap.com/2015/02/26/bare-metal-vs-hypervisor/

• The term is used nowadays to distinguish it from modern forms of virtualization and cloud hosting

Bare-metal servers have a single 'tenant'. They are not shared between customers. Each server may run any amount of work for the customer, or may have multiple simultaneous users, but they are dedicated entirely to the customer who is renting them. Unlike many servers in a data centre, they are not being shared between multiple customers

Bare-metal servers are 'physical' servers. Each logical server offered for rental is a distinct physical piece of hardware that is a functional server on its own. They are not virtual servers running in multiple on shared hardware.https://en.wikipedia.org/wiki/Bare-metal_server

• Hosted Architecture

 Installs and runs as an application
• Relies on host OS for device support  and physical resource management

Bare-Metal (Hypervisor) Architecture
• Lean virtualization-centric kernel
• Service Console for agents and helper applications

https://www.vmware.com/pdf/virtualization.pdf

• VMware Compliance Checker for PCI

Compliance Checker for PCI DSS v1.2 is a free, downloadable tool that provides a real-time compliance check for multiple Microsoft Windows servers and desktops against PCI DSS v1.2 requirements. The tool collects data from these servers and desktops and produces a detailed summary of which requirements are met and which ones are not. This summary of PCI DSS v1.2 compliance can be used to drive a remediation/mitigation strategy and help prepare for audits. - See more at: https://www.vmware.com/products/pci-compliance-checker/overview.html#sthash.QsrwqAzX.dpuf

• vCenter Converter

VMware vCenter Converter transforms your Windows- and Linux-based physical machines and third-party image formats to VMware virtual machines. - See more at: https://www.vmware.com/products/converter/#sthash.smK3suWj.dpuf

VMware Training - Physical to Virtual (P2V) Migrations with the VMware vCenter Converter 
https://www.youtube.com/watch?v=VepgExB_39E

• vSphere Hypervisor

VMware vSphere Hypervisor is a free bare-metal hypervisor that virtualizes servers so you can consolidate your applications on less hardware - See more at: https://www.vmware.com/products/vsphere-hypervisor/#sthash.z37bgFBE.dpuf 

• KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V).

http://www.linux-kvm.org/page/Main_Page 

KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V). It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specific module, kvm-intel.ko or kvm-amd.ko.
Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.
KVM is open source software. The kernel component of KVM is included in mainline Linux, as of 2.6.20. The userspace component of KVM is included in mainline QEMU, as of 1.3
https://www.linux-kvm.org/page/Main_Page

• What is a VMware vApp?

A vApp is a container for virtual machines that offers resource controls and management for the virtual machines that are inside. Think of a vApp as a portable, self-contained box that holds multiple virtual machines that make up a multi-tiered application (like a web server, database, and security server), including all custom network configurations.

vApps offer:

    Container for multiple virtual machines
    Resource controls for the VMs inside the container
    Network configurations contained inside
    Portability of the vApp such that everything can be contained and transferred to another virtual infrastructure
    Entire vApps can be powered on, powered off, suspended, or shutdown
    Entire vApps can be cloned
http://www.virtualizationadmin.com/articles-tutorials/vmware-esx-and-vsphere-articles/general/understanding-power-vmware-vapps.html

• oVirt is a complete virtualization management platform, licensed and developed as open source software. oVirt builds on the powerful kernel based virtual machine (KVM hypervisor) and on the RHEV-M management server, released by Red Hat to the open source community.

https://www.ovirt.org/

• Proxmox VE is a complete open-source platform for enterprise virtualization.

https://www.proxmox.com/en/

• Microsoft Hyper-V Server

hypervisor-based server virtualization product that allows you to consolidate workloads onto a single physical server. It is a stand-alone product that provides a reliable and optimized virtualization solution enabling organizations to improve server utilization and reduce cost
http://www.microsoft.com/en-us/server-cloud/hyper-v-server/default.aspx

• VMware ESX

ESXi is a "bare-metal" hypervisor, meaning it installs directly on top of the physical server and partitions it into multiple virtual machines that can run simultaneously, sharing the physical resources of the underlying server
http://www.vmware.com/products/vsphere/esxi-and-esx/overview.html

• Citrix XenServer

As a true virtual computing solution, XenServer helps you achieve cloud-like economics through datacenter automation, increased administrative efficiency, high reliability and business continuity, and the ability to leverage the cloud as an extension of your infrastructure.
http://www.citrix.com/English/ps2/products/product.asp?contentID=683148

• XenServer is the leading open source virtualization platform, powered by the Xen Project hypervisor and the XAPI toolstack. I

https://xenserver.org/

• Parallels Desktop for Mac

Parallels Desktop for Mac is the most tested, trusted and talked-about solution for running Windows applications on your Mac.
http://www.parallels.com/products/desktop/

• Veeam Backup & Replication for VMware and Hyper-V

Veeam® Backup & Replication™ provides powerful, easy to use, and affordable data protection for virtualized applications and data on VMware vSphere. It unifies backup and replication in a single solution, and its patent-pending vPower® technology leverages virtualization to reinvent data protection


http://www.veeam.com/vmware-esx-backup.html

• Virtual Machines (VMs)

What is a virtual machine (VM)?
virtual machines (VMs)—virtualized, software representations of a computer that can offer increased portability, flexibility, and security.
VMs changed all that by imitating a physical computer in software
A VM cannot interact directly with a physical computer. Instead, it needs a lightweight software layer called a hypervisor to coordinate between it and the underlying physical hardware. The hypervisor allocates physical computing resources—such as processors, memory, and storage—to each VM. It keeps each VM separate from others so they don’t interfere with each other.

Advantages and benefits
Lower hardware costs and improved ROI
Portability
Flexibility
Security

Hypervisors
There are two types of hypervisors.

Type 1 hypervisors
Type 1 hypervisors run directly on the physical hardware (usually a server), taking the place of the OS.
Typically, you use a separate software product to create and manipulate VMs on the hypervisor. Some management tools, like VMware’s vSphere

Type 2 hypervisors
Type 2 hypervisors run as an application within a host OS and usually target single-user desktop or notebook platforms. 
With a Type 2 hypervisor, you manually create a VM and then install a guest OS in it. You can use the hypervisor to allocate physical resources to your VM, manually setting the amount of processor cores and memory it can use.

Types of VMs

Windows virtual machines
Most hypervisors support VMs running the Windows OS as a guest. Microsoft’s Hyper-V hypervisor comes as part of the Windows operating system.
When installed, it creates a parent partition containing both itself and the primary Windows OS, each of which gets privileged access to the hardware. Other operating systems, including Windows guests, run in child partitions that communicate with the hardware via the parent partition.

Android virtual machines
Google’s open-source Android OS is common on mobile devices and connected home devices such as home entertainment devices. The Android OS runs only on the ARM processor architecture that is common to these devices
This is problematic because PCs run on an entirely different x86 processor architecture
Some projects, such as Shashlik or Genymotion, use an emulator that re-creates the ARM architecture in software
the Android-x86 project, ports Android to the x86 architecture instead.To run it, you must install the Android-x86 program as a virtual machine using the VirtualBox type 2 hypervisor
Another alternative, Anbox, runs the Android operating system on the kernel of a host Linux OS.


Mac virtual machines
Apple only allows its macOS system to run on Apple hardware, prohibiting people from running it on non-Apple hardware as a VM or otherwise under its end user license agreement. You can use Type 2 hypervisors on Mac hardware to create VMs with a macOS guest.

iOS virtual machines
It is not possible to run iOS in a VM today because Apple strictly controls its iOS OS and doesn’t allow it to run on anything other than iOS devices.The closest thing to an iOS VM is the iPhone simulator that ships with the Xcode integrated development environment, which simulates the entire iPhone system in software.

Java virtual machines
The JVM, therefore, doesn’t run an entire OS and doesn’t use a hypervisor as other VMs do. Instead, it translates application-level software programs to run on particular hardware.

Python virtual machines
Like the JVM, the Python VM doesn’t run on a hypervisor, and it doesn’t contain a guest OS. It is a tool that enables programs written in the Python programming language to run on a variety of CPUs.
Similar to Java, Python translates its programs into an intermediate format called bytecode, storing it in a file ready for execution. When the program runs, the Python VM translates the bytecode into machine code for fast execution.

Linux virtual machines
Linux is a common guest OS used in many VMs. It is also a common host OS used to run VMs and even has its own hypervisor called the kernel-based virtual machine (KVM)

VMware virtual machines
Cloning a VMware virtual machine
Cloning a VMware VM makes a copy of it configured with the same virtual hardware, installed software, and other properties at the time of duplication. It is different from a VMware template, which is a master image which never runs and a state that never changes.
Backing up a VMware virtual machine
Backing up a VMware VM is different than making a snapshot. A snapshot only captures the changes made to the VM since the last snapshot, and you cannot restore a snapshot without having all the snapshots produced before it along with the original VM’s disk file.

Use cases
VMs have several uses

Support DevOps: VMs are a great way to support enterprise developers, who can configure VM templates with the settings for their software development and testing processes. They can create VMs for specific tasks such as static software tests, including these steps in an automated development workflow. 
Test a new operating system:
Investigate malware:
Run incompatible software:Some users may prefer one OS while still needing a program that is only available in another
Browse securely: Using a virtual machine for browsing enables you to visit sites without worrying about infection. You can take a snapshot of your machine and then roll back to it after each browsing session. This is something that a user could set up themselves, using a Type 2 desktop hypervisor. Alternatively, an admin could provide a temporary virtual desktop located on the server.

How to set up and use
Installation on a desktop-based Type 2 hypervisor involves creating a VM using the program’s application menu. Some systems, such as Parallels, use an installation assistant that will download an OS like Windows 10 or a range of Linux systems and set up the VM for you behind the scenes. 

Others—like VirtualBox—immediately expose you to settings like choosing or creating a virtual hard disk and then setting options such as memory and CPU allocation and hard disk sizes.

Server-based hypervisors usually feature a management console that helps you create a VM. For example, VMware vSphere

Use and host in the cloud
Alternatively, you can use a cloud enterprise management system like vSphere Cloud Foundation, which is an integrated software suite enabling you to use the company’s vSphere management tools in a cloud environment.

Virtual machines as a server
When using a full-featured enterprise VM management system, you can move VM servers between different physical hosts to help balance physical resources with computing demand. It is even possible to move VMs between on-premises physical servers and cloud-based servers to take advantage of the extra computing and storage resources in the cloud when necessary.

VMs vs. containers
Like VMs, containers enable you to run many applications on a single physical server. The difference is that they don’t virtualize an entire computer, and they don’t contain an entire guest OS. Neither do they use a hypervisor, as VMs do.
All containers share the core services of a single underlying OS. They contain only the application they need to run, along with its specific software dependencies, such as software libraries and environment variables. This makes them lightweight, requiring less storage than a VM.
Containers have a downside, though. Sharing a single underlying OS makes them less secure than VMs because a compromise or failure in one container could affect the OS and other containers that rely on it. Running containers on VMs can mitigate this danger by limiting the risk to a single VM.

VMs vs. Docker
Docker Engine, the program that creates and runs Docker containers, can also run on VMs running on local Windows or macOS computers or on remote VMs in the cloud.
You can use the Docker Machine tool to install and coordinate Docker Engine on VMs. Docker Machine uses its own custom lightweight Linux distribution called boot2docker when creating Docker-capable VMs on VirtualBox, which is a desktop-based hypervisor for running VMs. When creating Docker-based VMs hosted by cloud providers, Docker Machine uses Ubuntu as the guest OS.

VMs vs. Kubernetes
offers administrators a way to define, deploy, and maintain containers in large enterprise environments.
One way to improve the security of a Kubernetes installation is to use containers developed from the ground up to offer the isolation of VMs while maintaining the small footprint and agile deployment of containers. Two projects—Kata and gVisor—offer this capability, setting them aside from Docker containers. They are both compatible with Kubernetes.

Gaming
Many video gamers like to play games that run on operating systems other than their primary OS. One option is to run a guest OS on a VM in a Type 2 hypervisor that itself runs as an application within the host OS.Type 2 hypervisors usually carry some performance overhead because the guest OS cannot deal directly with the physical host.One solution to this performance issue is graphical processing unit (GPU) pass-through. 
A more promising development is cloud-based gaming, which uses a specially configured virtual desktop OS in the cloud to run desktop video games.

Security
Administrators can improve VM security by using security tools from the hypervisor vendor or a third party. For example, VMware offers vShield, which is a suite of tools that work with its vCenter Server hypervisor management environment. 

https://www.ibm.com/cloud/learn/virtual-machines

• Type 1 hypervisor

A Type 1 hypervisor runs directly on the underlying computer’s physical hardware, interacting directly with its CPU, memory, and physical storage. For this reason, Type 1 hypervisors are also referred to as bare-metal hypervisors.

Type 1 (or bare-metal) hypervisor
ESXi hypervisor: VMware ESXi (Elastic Sky X Integrated) is a Type 1 (or bare-metal) hypervisor targeting server virtualization in the data center.


Type 2 hypervisor
A Type 2 hypervisor doesn’t run directly on the underlying hardware. Instead, it runs as an application in an OS. Type 2 hypervisors rarely show up in server-based environments. Instead, they’re suitable for individual PC users needing to run multiple operating systems. Examples include engineers, security professionals analyzing malware, and business users that need access to applications only available on other software platforms.
Cons: A Type 2 hypervisor must access computing, memory, and network resources via the host OS, which has primary access to the physical machine. This introduces latency issues, affecting performance. It also introduces potential security risks if an attacker compromises the host OS because they could then manipulate any guest OS running in the Type 2 hypervisor.

Type 2 hypervisor 
VMware Fusion: This is the company’s MacOS-focused offering, which lets Mac users run a large range of guest operating systems.
Workstation: VMware’s Linux- and Windows-focused platform comes in two flavors: Pro, which is a paid version, and Player, which is free for personal use
VirtualBox: A Type 2 hypervisor running on Linux, Mac OS, and Windows operating systems. 


https://www.ibm.com/cloud/learn/hypervisors