You can think of a hypervisor as software that is installed on a server and used to divide its central processing unit (CPU), random access memory (RAM) and network resources among separate virtual machines (VMs). A hypervisor allows multiple, logically isolated instances of software such as operating systems to run independently even though they rely on the same physically integrated hardware.
The increasing availability of affordable cloud computing is made possible by virtualization, thanks to the proliferation of the hypervisor. Cloud computing has transformed into a multi-billion dollar industry over the past decade. Companies like IBM, Google and Amazon have invested millions into building massive data centers that host powerful computing resources, which they make available to consumers through products like Amazon Web Services or Google Cloud.
How Does a Hypervisor Work?
A hypervisor makes multi-tenancy possible. Imagine you have a very powerful server with many CPUs, tons of RAM and plenty of network bandwidth. These components make up your integrated physical hardware. Say four different people want to use your physical hardware’s computing resources. Instead of allowing each person to use your hardware one at a time, you install a hypervisor which allows you to orchestrate and manage the division of the hardware resources into four different VMs. At the same time, you maintain control over the infrastructure and server security. Since each VM instance is logically isolated, it’s typically not possible for one user to access data from the other virtual servers or host operating system.
What Are the Types of Hypervisors?
- Type 1 Hypervisor: Type 1 hypervisors act as a lightweight operating system running on the server itself. We often refer to type 1 hypervisors as bare-metal hypervisors. Since there isn’t an operating system like Windows taking up resources, type 1 hypervisors are more efficient than type 2 hypervisors.
- Type 2 Hypervisor: Type 2 hypervisors are software that runs on an operating system, like many other programs. Since the requests for hosted resources must pass through an extra software layer compared to type 1 hypervisors, type 2 hypervisors tend to be less performant. If you’re looking to experiment with type 2 hypervisors, KVM is a popular hypervisor that runs on the Ubuntu distribution of the Linux operating system and VirtualBox is a popular hypervisor for Windows.
What Are the Benefits of Using a Hypervisor?
Ultimately, hypervisors reduce energy use, overhead costs and overall complexity in the cloud computing industry. Here are a few more reasons why hypervisors have become such a pivotal technology:
Being able to split a host machine into many VMs can be a cost-effective solution to using powerful hardware. Hypervisors can make it much easier to run simultaneous tasks by splitting them across many VMs instead of processing directly on the host, which potentially leaves resources unused.
Operating System (OS) Flexibility
Some software requires a specific operating system. It would be expensive and inefficient to have to run both a Windows machine and Linux machine, for example. By creating multiple VMs, the hypervisor allows multiple operating systems to run on the single host machine. This flexibility makes it possible to run applications that depend on a particular OS all within the host machine, thereby improving efficiency.
Since the hypervisor creates VMs that are independent of the physical hardware, it’s possible to transfer hypervisors across servers to reallocate resources where needed. Hypervisors can be used to scale vertically by allocating more of the host machine resources to a particular VM and horizontally by allowing the VM to access resources from multiple machines.
What Are the Risks of Using a Hypervisor?
Hypervisors are software, and software can have bugs and vulnerabilities cybercriminals can exploit. Here are some of the risks to consider when using hypervisors:
Since hypervisors allow a system administrator to create and monitor VMs on their hardware, the entire system could be at risk if an attacker compromises the hypervisor. Threat actors do this by exploiting outdated hypervisor software or by infecting a machine with malware. When an attacker gains control of a hypervisor that manages many VMs, they can use those VMs for malicious activities like denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks in addition to having privileged access to the machines themselves. As a best practice, update hypervisor software regularly so that discovered vulnerabilities are patched.
Without the proper network security in place, the VMs themselves might be vulnerable to DoS or DDoS attacks because the hypervisor shares network bandwidth across the VMs. Additionally, the VMs are typically distributed on a network. Cloud companies often keep their VM networks separate from their management networks to help prevent a compromised VM from impacting the day-to-day network usage.
It is imperative that a system administrator manages their VMs appropriately and doesn’t leave them unchecked, thereby taking up system resources after work on them has been completed. Old VMs might be running outdated operating systems or applications that are easier to exploit. Also, there could be sensitive files left on VMs that could damage a company or user if compromised. As a best practice, VMs should be shut down and removed after serving their purpose instead of being left online.
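One way to find forgotten VMs on a KVM host is sketched below; it is an added example, not part of the original article. It parses a constructed sample laid out like `virsh list --all` output and compares it with a hypothetical inventory of last-use dates (`LAST_USED`, the 30-day threshold and all VM names are assumptions).

```python
from datetime import datetime, timedelta

# Constructed sample in the layout printed by `virsh list --all`.
VIRSH_LIST = """\
 Id   Name           State
-------------------------------
 1    web-prod       running
 4    ci-runner-07   running
 -    poc-demo       shut off
 -    old-win2012    shut off
 -    scratch-tmp    shut off
"""

# Constructed, hypothetical inventory: when an owner last recorded using each VM.
LAST_USED = {
    "web-prod": datetime(2024, 6, 1, 8, 0),
    "ci-runner-07": datetime(2024, 3, 2, 14, 30),
    "poc-demo": datetime(2024, 5, 28, 17, 0),
    "old-win2012": datetime(2023, 1, 15, 9, 0),
}

def parse_virsh_list(text):
    """Return [(name, state)]; assumes domain names contain no spaces."""
    domains = []
    for line in text.splitlines():
        parts = line.split(None, 2)  # Id, Name, State ("shut off" has a space)
        if len(parts) < 3 or parts[0] == "Id":
            continue  # header, separator or blank line
        domains.append((parts[1], parts[2].strip()))
    return domains

def audit_stale_vms(domains, last_used, now, max_idle_days=30):
    """Flag VMs that look abandoned so they can be reviewed and removed."""
    limit = timedelta(days=max_idle_days)
    findings = []
    for name, state in domains:
        seen = last_used.get(name)
        if seen is None:
            findings.append((name, "untracked: no activity record"))
        elif now - seen > limit and state == "running":
            findings.append((name, "idle but still running: shut down"))
        elif now - seen > limit:
            findings.append((name, "stale and powered off: remove VM and disk"))
    return findings

if __name__ == "__main__":
    for name, finding in audit_stale_vms(parse_virsh_list(VIRSH_LIST),
                                         LAST_USED, datetime(2024, 6, 2)):
        print(f"{name}: {finding}")
```

Untracked VMs are reported first-class rather than skipped, because a VM nobody has a record for is the likeliest to hold leftover sensitive files or an unpatched operating system.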