Comprehensive Overview of Virtualization Technologies: From Full Virtualization to Containers

Cloud computing has become mainstream, and the market now features distinct PaaS and SaaS players; this article lists several 2021 Chinese market research reports on PaaS, SaaS, and cloud standards.

Historical background : Virtualization abstracts physical resources (CPU, memory, storage, network) into isolated virtual machines, enabling partitioning, isolation, and encapsulation of complete system configurations.

Full virtualization – VMware binary translation : VMware translates guest instructions into host‑compatible ones, similar to a Java VM, allowing privileged instructions to trap and be emulated by the VMM. This approach mixes binary translation with direct execution for performance.

Key concept: privileged (Ring‑0) instructions can only be executed by the hypervisor; attempts by a guest in Ring‑3 cause exceptions that the VMM handles.

When privileged instructions are not trap‑able, the guest can “expose” itself, leading to security and stability issues.

VMware’s solution is binary translation; QEMU, by contrast, fully emulates the CPU instruction set, resulting in lower performance.

Hardware‑assisted virtualization (VT‑x/AMD‑v) : Intel VT‑x introduces VMX root and non‑root modes, allowing the VMM to run in root mode while guests run in non‑root mode, supporting direct execution of some instructions. VT‑d enables direct I/O access, VT‑c provides network acceleration via VMDq and SR‑IOV, and TXT offers trusted execution.

KVM‑QEMU : KVM (Kernel‑based Virtual Machine) is a hypervisor built into the Linux kernel, providing CPU and memory virtualization using hardware assistance. QEMU complements KVM by emulating peripheral devices, forming the KVM‑QEMU architecture.

GPU virtualization : Techniques include GPU passthrough, GPU sharing, and vGPU, where a physical GPU is partitioned into multiple virtual GPUs for concurrent use by several VMs.

I/O virtualization : Approaches range from full I/O device emulation to para‑virtualized front‑end/back‑end models, with technologies such as SR‑IOV and VMDq reducing overhead.

Container technology – LXC & Docker : Containers provide OS‑level isolation using cgroups and namespaces, offering lightweight execution environments compared to full VMs. Docker builds on LXC concepts, packaging applications and dependencies for easy deployment.

Summary : The article traces virtualization from early software‑only solutions (VMware Workstation, Xen) to hardware‑assisted hypervisors (Intel VT, AMD‑v) and modern containerization, highlighting performance, security, and use‑case considerations.

陷阱 & 模拟