June 22, 2016
SIRIS 3 And The KVM Hypervisor
As you may have heard, we replaced the hypervisor that enables virtualisation on SIRIS devices. With SIRIS 3, we’ve swapped out VirtualBox for the Linux-based KVM hypervisor. This was a huge project and we are confident it will greatly benefit our partners. It puts the same hypervisor technology used by ultrascale cloud providers in SIRIS devices. With KVM, Instant Virtualisation will be faster, more reliable, and more secure.
To understand why, let’s look at how KVM and VirtualBox differ. There are two types of hypervisors: Type 1 and Type 2. KVM is a Type 1 hypervisor and VirtualBox is, you guessed it, Type 2. Some examples of Type 1 hypervisors include VMware ESX/ESXi, Citrix Xen, and Microsoft Hyper-V. Type 2 hypervisors include VMware Fusion, Solaris Zones, Parallels and VMware Workstation.
Type 1 hypervisors run directly on the system hardware, which is why they are sometimes referred to as “bare-metal hypervisors.” Type 2 hypervisors, on the other hand, run as an application on a host operating system. As such, Type 1 hypervisors provide higher performance because they have direct access to the hardware. Performance is lower with Type 2 hypervisors because you have an additional layer of software—the OS—between the hypervisor and the physical hardware.
Because of their efficiency, Type 1 hypervisors are used for desktop and server virtualisation as well as for cloud environments. Type 2 hypervisors are generally used on desktops or laptops where performance is not as critical.
A report published by SNIA Europe on KVM and security, says the hypervisor also offers security benefits over other hypervisors available today—whether Type 1 or 2. According to the report, this is because KVM inherits the underlying security capabilities of Linux. And, “through its use of SELinux and Mandatory Access Control, KVM integrates advanced security at the heart of the hypervisor.” The report also outlines a number of additional security benefits that KVM offers, such as hardware-based isolation, discretionary access control, and mandatory access control.
Finally, KVM, like VirtualBox, is an open-source hypervisor. So, our partners still get the interoperability of open-source, along with increased performance and security.