• Home
• News, Press, & Events
• News Articles
• Virtualization Defined-Eight Different Ways

Virtualization Defined-Eight Different Ways

February 25, 2008 - Alan Murphy

Recently, the term "virtualization" has become ubiquitous, representing any type of process obfuscation where a process is removed from its physical operating environment. Because of this ambiguity, virtualization can seemingly be applied to any and all parts of an IT infrastructure, leading to many definitions of the term in the current lexicon. And all (or at least most) of them are correct, which can be quite confusing. To better understand virtualization in the data center, it's helpful to distill virtualization into eight specific categories to thoroughly understand the differences (and similarities) between the definitions of virtualization.

OS Virtualization

The most prevalent form of virtualization today, virtual operating systems (or virtual machines) are quickly becoming a core component of the IT infrastructure. Virtual machines are typically full implementations of standard operating systems, such as Windows Vista or RedHat Enterprise Linux, running simultaneously on the same physical hardware. Each OS instance is unaware that 1) it's virtual and 2) that other virtual operating systems are (or may be) running at the same time. Data center consolidation is bringing the benefits of virtual machines to the mainstream market, allowing enterprises to reduce the number of physical machines in their data centers without reducing the number of underlying applications.

Application Server Virtualization

Application Server Virtualization has been around since the first load balancer, which explains why "application virtualization" is often misused as a synonym for advanced load balancing. The core concept of Application Server Virtualization is best seen with a reverse proxy load balancer: an appliance or service that provides access to many different application services transparently. In a typical deployment, a reverse proxy will host a virtual interface accessible to the end user on the "front end." On the "back end," the reverse proxy will load balance a number of different servers and applications such as a web server.

The virtual interface, or VIP, is exposed to the outside world, represents itself as the actual web server, and manages the connections to and from the web server as needed. This enables the load balancer to manage multiple web servers or applications as a single instance, providing a more secure and robust topology than one allowing users direct access to individual web servers. This is a one:many (one-to-many) virtualization representation: one server is presented to the world, hiding the availability of multiple servers behind a reverse proxy appliance.

Application Virtualization

While they sound very similar, Application Server and Application Virtualization are completely different. Application Virtualization used to be referred to as "thin clients"; the technology is exactly the same, only the name has changed to make it more IT-PC (politically correct, not personal computer). Softgrid by Microsoft is an example of deploying Application Virtualization.

Although you may be running Microsoft Word 2007 locally on your laptop, the binaries, personal information, and running state are all stored on, managed, and delivered over the network by Softgrid. Your local laptop provides the CPU and RAM required to run the software, but nothing is installed locally on your own machine. Other types of Application Virtualization include Microsoft Terminal Services and browser-based applications.

Management Virtualization

If you use separate passwords and access restrictions for your root/administrator accounts between mail and web servers, then you've deployed Management Virtualization in its most basic form. The paradigm can be extended down to segmented administration roles on one platform or box, which is where segmented administration becomes "virtual."

User and group policies Windows in XP, 2003, and Vista are an excellent example of virtualized administration rights: Alice may be in the backup group for the 2003 Active Directory server, but not in the admin group. She has read access to all the files he needs to back up, but she doesn't have rights to install new files or software. Although she's logging into the same sever that the true administrator is logs into, her user experience differs from the administrator. Management Virtualization is a key concept in overall data center management.

Network Virtualization

Network Virtualization may be the most ambiguous definition of virtualization. For brevity, the scope here is relegated to virtual IP management and segmentation. A simple example of IP virtualization is a VLAN: a single Ethernet port may support multiple virtual connections from multiple IP addresses and networks, but they are virtually segmented using VLAN tags.

Another example is virtual routing tables: typically, a routing table and an IP network port share a 1:1 relationship, even though that single port may host multiple virtual interfaces (such as VLANs or the eth0:1" virtual network adapters supported by Linux). The single routing table will contain multiple routes for each virtual connection, but they are still managed in a single table. Virtual routing tables change that paradigm into a one:many relationship, where any single physical interface can maintain multiple routing tables, each with multiple entries. This provides the interface with the ability to bring up (and tear down) routing services on the fly for one network without interrupting other services and routing tables on that same interface.

Hardware Virtualization

Hardware Virtualization breaks up pieces and locations of physical hardware into independent segments and manages those segments as separate, individual components. One example of Hardware Virtualization is "slicing": carving out precise portions of the system to run in a "walled garden," such as allocating a fixed 25% of CPU resources to bulk encryption. If there are no processes requesting encryption time from the CPU, then that 25% of the CPU will go unutilized. If too many processes need computations at once and require more than 25%, they are queued by the scheduler.

Symmetric and asymmetric multiprocessing are other examples. For both, the process requesting CPU time isn't aware which processor it's going to run on; it just requests CPU time from the OS scheduler and the scheduler takes the responsibility of allocating processor time. As far as the process is concerned, it could be spread across any number of CPUs, so long as it's able to run unaffected. Asymmetric multiprocessing is a form of pre-allocation virtualization where certain tasks are only run on certain CPUs. In contrast, symmetric multiprocessing is a form of dynamic allocation, where CPUs are interchangeable and used as needed by any part of the management system.

Each classification of Hardware Virtualization is unique and has value, depending on the implementation. Pre-allocation virtualization is perfect for very specific hardware tasks, such as offloading functions to a highly optimized, single-purpose chip. However, pre-allocation of commodity hardware can cause artificial resource shortages if the allocated chunk is underutilized. Dynamic allocation virtualization is a more standard approach and typically offers greater benefit when compared to pre-allocation. For true virtual service provisioning, dynamic resource allocation is important because it allows complete hardware management and control for resources as needed; virtual resources can be allocated as long as hardware resources are still available.

Storage Virtualization

Storage Virtualization can be broken up into two general classes: block virtualization and file virtualization. Block virtualization is best summed up by Storage Area Network (SAN) and Network Attached Storage NAS) technologies: distributed storage networks that appear to be single physical devices.

iSCSI is another very common and specific virtual implementation of block virtualization, allowing an operating system or application to map a virtual block device, such as a mounted drive, to a local network adapter instead of a physical drive controller. The iSCSI network adapter translates block calls from the application to network packets the SAN understands and then back again, essentially providing a virtual hard drive.

File virtualization moves the virtual layer up into the file and directory structure level. Most file virtualization technologies sit in front of storage networks and keep track of which files and directories reside on which storage devices, maintaining global mappings of file locations. When a request is made to read a file, P:My Filesbudget.xls for example, the file virtualization appliance knows that the file is actually located on an SMB server in a remote data center at: //10.0.16.125/finance/alice/budget-document/budget.xls.

File-level virtualization obfuscates the static location of a file (in this case on Alice's P: drive) from the physical location, allowing the back-end network to remain dynamic. If the IP address for the SMB server has to change, or the connection needs to be re-routed to another data center entirely, only the virtual appliance's location map needs to be updated, not every user that needs to access their P: drive.

Service Virtualization

And finally, the macro definition of virtualization: Service Virtualization. Service Virtualization connects all of the components utilized in application delivery, and includes the process of making all those pieces work together regardless of where they physically reside. Service Virtualization is typically used as an enabler for application availability.

For example, a web application typically has many parts: the user-facing HTML; the application server that processes user input; the SOA gears that coordinate service and data availability; the DB back-end for application data; the network that delivers the application; and the storage network that stores the application code and data. Service Virtualization allows each one of the pieces to function independently and be "called up" as needed for the entire application to function properly.

Conclusion

While Service Virtualization may encompass all the current definitions of virtualization, it's by no means where IT will stop defining the term. With the pervasive and varied use of the word (as well as the technologies it refers to), there may never be a "final" definition for virtualization; it will continue to evolve and expand as more and more technologies become less and less dependent on rigid operating environments.

Related Information

• F5 and the 8 Ways to Virtualization
• Data Center Virtualization Q&A