DataCenterVirtualization

Type 0 Hypervisor – Fact or Fiction

DataCenterVirtualization

While looking around the web for anything new with virtualization, I kept seeing more and more posts and articles about the new type of virtual hypervisor. Type 0, now this sounds interesting and I found these definitions for each type of hypervisor.

Type 2

Type-2 hypervisors are computer emulation applications that run on general purpose operating systems. A Type-2 hypervisor allows users to run multiple operating systems (OSs) simultaneously on a single platform. For example, a Windows 7™ user can install a hypervisor application like VMware Workstation™, to run a Windows XP™ guest OS on top of their Windows 7 host OS. As an application the Type-2 hypervisor is subject to performance, security, and reliability penalties. The hosted hypervisor incurs performance hits because it competes with other user applications like web browsers and e-mail clients for system resources. Type-2 hypervisors are weak in reliability and security because they inherit the vulnerabilities of the user controlled host operating system.

Type 1

Type-1 hypervisors are computer emulation software tightly integrated with embedded OSs that run transparent to the end-user. Type-1 hypervisors gain a significant performance improvement over Type-2 hypervisors because they are “Self-Hosted” with embedded OSs that are optimized for virtualization. Type-1 hypervisors significantly reduce the attack-surface over Type-2 hypervisors by limiting access to the hypervisor to only system administrators, preventing end-users and user applications from tampering with the hypervisor. Additionally Type-1 hypervisor vendors control all the software that comprise the hypervisor package including the virtualization functions and OS functions, like devices drivers and I/O stacks. Control over the software package prevents malicious software from being introduced into the hypervisor foundation. The limited access and strong control over the embedded OS greatly increase the reliability of Type-1 hypervisors.

Type 0

Type 0is based on an architecture that allows for higher levels of performance, reliability, and security over Type-1 hypervisors. Type Zero hypervisor is built with the minimum software components required to fully virtualize guest OSs and control information flow between guest OSs. The Type 0architecture removes the need for an embedded host OS to support virtualization, allowing the hypervisor to run in an “Un-Hosted” environment. This drastically differs from Type-1 monolithic architectures where the hypervisor is integrated into a host OS, or Type-1 microkernel architectures where the hypervisor is controlled and assisted by a root or parent operating system.”

vSphere

I agree with the definition of type 2 and not so much for the rest and I will tell you why.

“Type-1 hypervisors significantly reduce the attack-surface over Type-2 hypervisors by limiting access to the hypervisor to only system administrators, preventing end-users and user applications from tampering with the hypervisor.”

Last I checked there is nodirect access to the hypervisor, there are APIs for management calls that can be made to the hypervisor but there is no direct access to the hypervisors for users or administrators. Most people maybe confusing a management layer with direct access to a hypervisor. There is no direct access to a hypervisor via any modern management construct, however there was in the past such as VMware ESX 1.5 and 2.x versions (which are no longer in use).

“The limited access and strong control over the embedded OS greatly increase the reliability of Type-1 hypervisors.”

VMware vSphere is what I would consider a Type 1 Hypervisor, however there is no embedded OS in VMware ESXi. If you are connecting to VMware ESXi, you are connecting to an independent agent that is running directory on the VMkernel. This may give the appearance of connecting to the hypervisor itself but that is truly not the case.

” The Type Zero architecture removes the need for an embedded host OS to support virtualization, allowing the hypervisor to run in an “Un-Hosted” environment. This drastically differs from Type-1 monolithic architectures where the hypervisor is integrated into a host OS, or Type-1 microkernel architectures where the hypervisor is controlled and assisted by a root or parent operating system.”

This next statement is so far off the mark I have to wonder, who really comes up with some of this stuff?  As was mentioned in VMware ESXi there is no host OS but there is a microkernel running below all management constructs, so I must ask how is this a monolithic architecture? All API calls are done via the independent agents that run on top of the VMkernel or the hypervisor.

Perhaps vSphere is really a Type 0 hypervisor?

Xen, Hyper-V

Now looking at a couple of other types of hypervisors like Xen and Hyper-V there is a primary partition or primary domain. This embedded OS does all the relays for device drivers and I/O stacks with the only real flaw is if something happens to the primary partition, the entire system can crash.

Other Thoughts

So here are my thoughts on the types of hypervisors available today.  I do not think there any more discussion or debate on Type 2 hypervisors, so we will leave that alone. I mentioned earlier that I consider VMware ESXi to be the true Type 1 hypervisor, based on the way vSphere loads and runs its vmkernel, virtual machines, and management constructs.  Xen, KVM, and Hyper-V, I would consider a Type 1.5 based on the fact that all IO still travels through the parent domain or partition in order to reach external devices.  There are two distinct architectures when creating hypervisors, the VMware architecture where the management construct is not involved in any form of IO transport or the Hyper-V/Xen Architecture where there is a parent partition or domain that manages IO.

There are merits to each architecture, so we want to make a distinction of the difference between the different hypervisors and  to declare there is no real Type 0 hypervisor available today as there needs to be much more happening within the hardware to make this occur, how do devices interact with each VM? In a Type 0, we would think it would be handled by the hardware and not much more than a shim of a hypervisor.

It seems Marketing is working to define a new technology that is really not that new. If you still do not believe me you can go check for yourself on Wikipedia.

Share this Article:

The following two tabs change content below.
Steve Beaver
Stephen Beaver is the co-author of VMware ESX Essentials in the Virtual Data Center and Scripting VMware Power Tools: Automating Virtual Infrastructure Administration as well as being contributing author of Mastering VMware vSphere 4 and How to Cheat at Configuring VMware ESX Server. Stephen is an IT Veteran with over 15 years experience in the industry. Stephen is a moderator on the VMware Communities Forum and was elected vExpert for 2009 and 2010. Stephen can also be seen regularly presenting on different topics at national and international virtualization conferences.
Steve Beaver

Latest posts by Steve Beaver (see all)

Related Posts:

Leave a Reply

5 Comments on "Type 0 Hypervisor – Fact or Fiction"

Sort by:   newest | oldest | most voted
Guest
Hi Steve, > Type-2 hypervisors are computer emulation applications that run on general purpose operating systems. Why do you agree with this definition? A type-2 hypervisor is does *not* emulate a computer. An emulator allows you to run, for examle, ARM code on an x86 CPU. A type-2 hypervisor doesn’t. > The Type 0architecture removes the need for an embedded host OS to support virtualization, allowing the > hypervisor to run in an “Un-Hosted” environment. So the “type-0” hypervisor effectively *is* the operating system. But that’s already the case for type-1 hypervisors, so where’s the difference? > This drastically differs… Read more »
Simon Bramfitt
Member

I’m not sure that there’s any need to deviate from the definitions that Goldberg described in his 1973 paper Architectural Principles for Virtual Computer System > http://www.dtic.mil/cgi-bin/GetTRDoc?AD=AD772809&Location=U2&doc=GetTRDoc.pdf (Page 22 for the directly relevant stuff).

Stick with that and there’s no need for anything other than type I and type II.

About the only fresh term that I’d consider introducing into the conversation would be separation kernel, but even that might reasonably be described as a particularly small and secure type I hypervisor, a “microvisor” perhaps.

Simon

Andrew Wood
Member
I’d agree with Simon. There are two types of hypervisor – type I & type II. I–The VMM runs on bare machine II–The VMM runs on an extended host under the host operatinq system. I’ve come across a couple of “type 0” hypervisor either in claims of the hypervisor component running on-chip.. (as you mention) and more often from zInstall in trying to differentiate their Zirtu client hypervisor product from the likes of existing players like Citrix’s XenClient (Type I), MokaFive’s (Type I & Type II) or Virtual Bridges LEAF (Type I), Microsoft’s Virtual PC (Type II). Like Simon, I… Read more »
Member
Type 1 or type 0? Lets argue symantical context? Even PXE, or EFI, for that matter is a variant of an OS focused on a specific target or task, in that sense, yes, vSphere ESXi would be I would say a solid candidate for type 0 classification as given above. But does it matter? Microsoft swears Hyper-V is a type 1 hybrid of not really a type 1 because of the stack/load sequence? Which I disagree, any hypervisor that provides relatively generic console, that is based on or leverages much of what a typical generic purpose OS provides, is by… Read more »
Admin

Hello,

Definitions are always about semantics I believe. What it boils down to is: a type 1 hypervisor is the OS, where a type 2 runs ON an OS, and a a type 0 would run in hardware.

Best regards,
Edward Haletky

wpDiscuz