Virtualization Technology

A deep dive into hypervisors, paravirtualization and hardware support

learn about hypervisors, paravirtualization, hardware support and virtualization technology on Linux, Windows, and macOS.
Author

Chuck Nelson

Published

September 14, 2025

1 Hypervisors: The Core of Modern Virtualization

Virtualization Technology

1.1 Introduction

In the world of information technology, virtualization is a foundational concept, and the hypervisor is its architect. A hypervisor, also known as a Virtual Machine Monitor (VMM), is a layer of software, firmware, or hardware that creates and runs virtual machines (VMs). It’s the critical link that allows multiple, isolated guest operating systems to share a single host machine’s physical hardware resources.

This article will delve into the technical underpinnings of hypervisors, explore their different types, examine the tools used to manage them, and differentiate them from related technologies like containers.

1.2 Types of Hypervisors: Type 1 vs. Type 2

Hypervisors are categorized into two main types based on their relationship with the host hardware. Understanding this distinction is crucial for appreciating their performance, security, and use cases.

Type 1: Bare-Metal Hypervisors

A Type 1 hypervisor runs directly on the host machine’s hardware, controlling the physical resources and managing the guest operating systems. It acts as the “host OS” itself, with no underlying conventional operating system to manage it. This architecture provides maximum performance and security because the hypervisor has direct access to hardware resources, minimizing latency and potential attack vectors.

  • How they virtualize: They use hardware virtualization extensions (Intel VT-x, AMD-V) to create a highly privileged environment for the hypervisor, allowing it to directly intercept and manage the guest OS’s low-level hardware requests.

  • Use Cases: Primarily used in enterprise data centers, cloud computing environments (e.g., AWS, Google Cloud), and server virtualization where high performance and scalability are paramount.

  • Examples:

    • VMware ESXi: A market leader in enterprise virtualization.

    • Microsoft Hyper-V: A native hypervisor integrated into Windows Server and Windows 10/11 Pro/Enterprise.

    • Citrix XenServer: An open-source hypervisor with a long history in enterprise virtualization.

Type 2: Hosted Hypervisors

A Type 2 hypervisor runs as an application on a conventional host operating system. The host OS handles all the hardware access, and the hypervisor uses the OS’s resources to create and run VMs. This introduces a layer of abstraction that can result in performance overhead compared to Type 1, but it offers greater flexibility and ease of use, making it ideal for desktop environments.

  • How they virtualize: They rely on the host OS’s kernel to perform hardware operations on behalf of the guest OS. They often use binary translation or paravirtualization in conjunction with hardware-assisted virtualization to optimize performance.

  • Use Cases: Commonly used for desktop virtualization, software development and testing, and educational purposes where a user needs to run a different OS on their personal computer.

  • Examples:

    • Oracle VirtualBox

    • VMware Workstation

    • Parallels Desktop (for macOS)

Feature Type 1 (Bare-Metal) Type 2 (Hosted)
Relationship to Hardware Direct access Runs on top of a Host OS
Performance High, near-native Lower, due to the Host OS layer
Security High, smaller attack surface Lower, dependent on Host OS security
Management Requires dedicated management tools Managed like a regular application
Use Cases Enterprise data centers, Cloud Desktop virtualization, Dev/Test

1.3 Virtualization Techniques and Hardware Interaction

At the technical level, hypervisors employ sophisticated techniques to trick a guest OS into believing it has exclusive access to the underlying hardware.

  • CPU Virtualization: The CPU has privileged instructions that only the kernel can execute. Hypervisors must manage these.

    • Full Virtualization: The hypervisor traps privileged instructions from the guest OS and emulates them, or uses binary translation to rewrite the instructions on the fly. This provides full isolation but incurs significant performance overhead.

    • Paravirtualization: The guest OS’s kernel is modified to be “hypervisor-aware.” Instead of trapping instructions, the guest OS makes explicit calls to the hypervisor (hypercalls) for privileged operations. This is more efficient but requires modifying the guest OS.

    • Hardware-Assisted Virtualization: This is the dominant method today. Both Intel (VT-x) and AMD (AMD-V) have extended their CPU architectures to include virtualization-specific instructions. The hypervisor can use these instructions to directly manage guest OS privileged operations, resulting in near-native performance.

  • Memory Virtualization: Managing memory for multiple guests is complex.

    • Shadow Page Tables: A legacy technique where the hypervisor creates and manages a set of “shadow” page tables for each guest, mapping virtual addresses to physical host addresses. This is computationally intensive.

    • Nested Page Tables (EPT on Intel, RVI on AMD): The modern hardware-assisted approach. The CPU’s memory management unit (MMU) directly handles the translation from guest physical addresses to host physical addresses, significantly improving performance.

1.4 Free and Open Source Software (FOSS) Hypervisors

FOSS hypervisors are essential for cost-effective and flexible virtualization solutions.

  • Linux: KVM and QEMU

    • KVM (Kernel-based Virtual Machine): A Type 1 hypervisor integrated directly into the Linux kernel since version 2.6.20. KVM leverages hardware-assisted virtualization (VT-x/AMD-V) for high performance. It’s a key component of modern Linux virtualization.

    • QEMU (Quick Emulator): A user-space component that works with KVM. While QEMU can perform full-system emulation on its own (emulating a different CPU architecture), when paired with KVM, it handles device emulation (network cards, storage controllers) and provides the management layer. The libvirt library is commonly used as a management API for both.

Installing on Linux:

Debian-based (e.g., Ubuntu):

sudo apt update
sudo apt install qemu-kvm libvirt-daemon-system virt-manager
sudo usermod -aG libvirt $(whoami)
sudo usermod -aG kvm $(whoami)

Red Hat-based (e.g., Fedora, CentOS):

sudo dnf update
sudo dnf install qemu-kvm libvirt virt-install virt-manager
sudo systemctl enable --now libvirtd
sudo usermod -aG libvirt $(whoami)
sudo usermod -aG qemu $(whoami)

  • Proxmox VE

    A robust, open-source platform that combines KVM and LXC into a single, comprehensive virtualization solution with a user-friendly web-based management interface. It’s a Type 1 hypervisor based on Debian Linux and is often used by small to medium-sized businesses and home lab enthusiasts. It supports high availability, clustering, and live migration out of the box, making it a powerful alternative to commercial platforms.

  • Red Hat OpenStack

    Unlike a standalone hypervisor, OpenStack is an open-source cloud computing platform used to create and manage public and private clouds. It’s not a hypervisor itself, but a collection of services that manage various resources, including compute, networking, and storage. The compute service, called Nova, manages the underlying hypervisor, which is often KVM. This architecture allows for a massive scale of virtualized resources, providing an infrastructure-as-a-service (IaaS) solution.

  • Windows:

    • While Hyper-V is proprietary, it is included with Windows 10/11 Pro, Enterprise, and Server editions. It functions as a Type 1 hypervisor.

    • You can also use Oracle VirtualBox, which is open-source and a Type 2 hypervisor.

Enabling Hyper-V on Windows (via PowerShell):

Note

Hyper-V can only be enabled on Windows Pro, Enterprise, and Server Editions. It is not avaialble on Windows Home Edition.

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-All

  • macOS:

    • HyperKit: An open-source toolkit for developing hypervisors on macOS. It’s used by Docker Desktop for Mac to run the Linux VM that hosts the containers.

    • Similar to Windows, Oracle VirtualBox is a popular open-source option for running VMs on macOS.

1.5 Host and Guest Operating Systems: Roles and Concepts

  • Host Operating System (Host OS): The primary operating system that runs on the physical hardware. In a Type 2 environment, the Host OS is the base layer upon which the hypervisor application runs. For a Type 1 hypervisor, the hypervisor itself is the “Host OS” in a conceptual sense, managing the hardware.

  • Guest Operating System (Guest OS): The operating system running inside a virtual machine. A single host can run multiple, completely different Guest OSes simultaneously (e.g., Windows, Linux, and macOS). The Guest OS is unaware it is virtualized, unless it is a paravirtualized kernel.

1.6 Virtualization Server Operating Systems

A virtualization server OS is a specialized, minimalist operating system designed solely to run a Type 1 hypervisor. Unlike a general-purpose OS, it has a small footprint, includes only the necessary components to manage VMs and hardware, and often lacks a traditional desktop interface.

  • Purpose: To maximize the host’s resources for guest VMs, provide a stable and secure foundation, and simplify management.

  • Examples: VMware ESXi, Proxmox VE, and Citrix XenServer.

1.7 VMs vs. Containers: A Fundamental Comparison

While both VMs and containers enable resource isolation, they operate on different principles and are suited for different use cases.

Feature Virtual Machines (VMs) Containers
Level of Abstraction Hardware (Full OS & Kernel) OS (Shared Kernel)
Isolation High. Each VM is a complete, isolated system. Lower. Processes are isolated, but share the host’s kernel.
Resource Overhead High. Each VM has its own OS and dependencies. Low. Minimal overhead, as the container engine uses the host’s kernel.
Boot Time Slower (minutes) Faster (seconds)
Portability Highly portable, but with larger image sizes. Highly portable, with very small image sizes.
Use Cases Running multiple operating systems, isolating services, legacy apps. Microservices, rapid application deployment, CI/CD pipelines.

1.8 Tools for Manipulating Virtual Devices

Managing virtual devices, particularly disk images, is a common task for system administrators and developers.

  • qemu-img: A powerful command-line tool from the QEMU suite for manipulating disk image files.

Linux (all distros):

# Create a new 10 GB disk image in qcow2 format
qemu-img create -f qcow2 my_vm_disk.qcow2 10G

# Convert an image from raw to qcow2 format
qemu-img convert -f raw my_old_disk.img -O qcow2 my_new_disk.qcow2

# Resize an existing qcow2 image
qemu-img resize my_vm_disk.qcow2 +5G
  • VBoxManage: The command-line interface for Oracle VirtualBox. It allows for complete control over the application and its VMs.

Windows/macOS/Linux:

# Create a new VM
VBoxManage createvm --name "MyUbuntuVM" --ostype "Ubuntu_64" --register

# Create a new 10 GB VDI disk image
VBoxManage createmedium disk --filename "my_vm_disk.vdi" --size 10240

# Resize a VDI image
VBoxManage modifyhd "my_vm_disk.vdi" --resize 20480

1.9 Virtual Networking: Connecting the VMs

A virtual machine is a useless box without a connection to the network. Hypervisors provide a rich set of virtual networking capabilities to enable communication between VMs, the host, and external networks. The two fundamental components are virtual network adapters and virtual switches.

Virtual Network Adapters

This is the equivalent of a physical Network Interface Card (NIC) inside the VM. The hypervisor emulates a standard network device (e.g., Intel E1000) that the guest OS recognizes. The guest OS installs its own driver for this virtual NIC, which then forwards network traffic to the virtual switch on the host.

Virtual Switches and Bridges

A virtual switch or bridge is a software component on the host machine that acts like a physical network switch. It connects the virtual network adapters of multiple VMs, allowing them to communicate with each other. It also typically provides a connection point to one or more physical network adapters on the host, allowing VMs to access the external network.

  • Open vSwitch (OVS): A powerful, open-source virtual switch often used in cloud computing and data centers. It’s a key component of Software-Defined Networking (SDN) architectures, as it can be programmatically controlled by a central controller to define complex network policies and flows. OVS is a feature-rich, high-performance solution that goes beyond basic switching.

OS-Level Network Namespace Separation

This is a key concept in Linux and is the foundation for container networking. A network namespace is a logical copy of the network stack, including its own network interfaces, IP addresses, routing tables, and firewall rules.

By default, every Linux process belongs to the default network namespace. Tools like Docker or LXC create new network namespaces for each container, providing network isolation while still sharing the host kernel. This is a lighter-weight form of virtualization than a full VM.

Platform-Specific Support

Operating System Native Virtual Switch / Bridge Network Namespace Support Open vSwitch (OVS) Support
Linux Linux Bridge (brctl), libvirt bridges. Yes, natively supported via ip netns and used by containers. Yes, a primary component of many enterprise solutions.
Windows Hyper-V Virtual Switch. No, not a native OS concept. Can be installed and used, but not a native component of the OS or Hyper-V.
macOS Native bridges not typically exposed to the user. Virtualization tools like Docker use internal virtual networks. No, not a native OS concept. Can be run within a VM on macOS, but not natively.

1.10 Advanced Virtualization Concepts

Virtual Firmware: The VM’s BIOS/UEFI

Just as a physical machine needs a BIOS or UEFI to initialize hardware and load an operating system, a virtual machine relies on virtual firmware. This is a software component, provided by the hypervisor, that performs the same functions for the virtual hardware.

Modern hypervisors support both legacy virtual BIOS and modern virtual UEFI. UEFI is increasingly important because many modern operating systems, particularly Windows 11, require it for features like Secure Boot, a security mechanism that prevents malware from hijacking the boot process.

  • OVMF (Open Virtual Machine Firmware): A prominent example of open-source virtual firmware. It is a TianoCore-based UEFI implementation often used with KVM. OVMF enables the use of advanced features like UEFI boot, Secure Boot, and GPU passthrough with Linux-based hypervisors.

  • Other Virtual Firmware: Commercial hypervisors like VMware’s ESXi and Oracle’s VirtualBox have their own proprietary virtual firmware implementations that are designed to be compatible with a wide range of guest operating systems.

Nested Virtualization

The ability to run a hypervisor inside a virtual machine. This is useful for testing hypervisors or creating a “lab within a lab.” It requires both hardware support and hypervisor configuration.

Hardware Virtualization vs. Hardware Passthrough

When a guest OS needs to use a piece of hardware, the hypervisor can handle the request in one of two ways: virtualization or passthrough.

  • Hardware Virtualization (Emulation): In this mode, the hypervisor intercepts all hardware requests from the guest OS and emulates a virtual device. For example, a VM might see a virtual network card, even if the host’s physical network card is from a different manufacturer. This provides flexibility and allows for live migration, but can introduce a performance penalty due to the emulation layer.

  • Hardware Passthrough (IOMMU): This is a more advanced technique where the hypervisor provides a VM with exclusive, direct access to a physical hardware device, bypassing the emulation layer. For this to work, the CPU and chipset must support IOMMU (I/O Memory Management Unit), which Intel calls VT-d and AMD calls AMD-Vi. This is essential for high-performance applications like running a VM with a dedicated graphics card for gaming or a high-speed network adapter for low-latency networking. The trade-off is that the device can only be used by one VM at a time and live migration is not possible.

Snapshots

A point-in-time state of a VM, capturing the entire system’s state, including memory, disk, and configuration. Snapshots are invaluable for backing up and reverting to a known good state.

Cloning

Creating an exact copy of an existing VM. A full clone is completely independent, while a linked clone shares a base disk image with the original, saving storage space.

1.11 Processor and Chipset Support for Virtualization

Modern virtualization relies heavily on dedicated hardware extensions provided by the CPU and, to a lesser extent, the chipset. These extensions create a highly privileged “root” mode for the hypervisor, allowing it to manage guest OSes with minimal performance overhead. Without these extensions, virtualization would be significantly slower and less secure.

  • Intel: The extensions are known as Intel Virtualization Technology (VT-x). For I/O virtualization, they use Intel VT-d (Virtualization Technology for Directed I/O).

  • AMD: The extensions are known as AMD Virtualization (AMD-V), which was formerly called Secure Virtual Machine (SVM). For I/O virtualization, they use AMD-Vi.

How to Query for Processor Flags on a Running Machine

A more technical way to determine if your CPU has virtualization capabilities is by checking its specific feature flags. These flags are exposed by the operating system and indicate hardware capabilities.

Linux

On Linux, CPU information is available in the /proc/cpuinfo file. You can grep for the specific flags.

  • For Intel CPUs, you would search for the vmx flag.
grep vmx /proc/cpuinfo
  • For AMD CPUs, you would search for the svm flag.
grep svm /proc/cpuinfo

If the command returns any output, it means the flag is present and the CPU supports hardware virtualization. If no output is returned, the feature is either not supported or is disabled in the BIOS/UEFI.

Windows

Windows does not have a single file like /proc/cpuinfo that exposes these raw flags. Instead, you can use the systeminfo command in PowerShell or Command Prompt. Look for the Hyper-V Requirements section.

systeminfo.exe

This will provide a detailed system summary. Look for the lines that start with Hyper-V Requirements:. If the output shows VM Monitor Mode Extensions: Yes, then your CPU supports the necessary virtualization features.

macOS

For Intel-based Macs, you can use the sysctl command, which provides a list of system-level parameters.

sysctl -n machdep.cpu.features | grep VMX

If the command returns VMX, it confirms that Intel’s VT-x is supported and enabled. On Apple Silicon Macs, virtualization is a native function of the architecture, so this check is not necessary.

Performing a Hardware Inventory

Knowing your system’s complete hardware configuration is essential for planning and troubleshooting virtualization.

Linux

Linux offers several command-line tools for hardware inventory, with lshw being a popular choice for its detailed output.

# List all hardware, with a summary. Run as root for more detail.
sudo lshw -short

# Get a more detailed view of the hardware.
sudo lshw

Another useful tool is hwinfo, which provides a very detailed and human-readable output.

Debian-based (e.g., Ubuntu):

sudo apt install hwinfo
sudo hwinfo --short

Red Hat-based (e.g., Fedora, CentOS):

sudo dnf install hwinfo
sudo hwinfo --short

Windows

Windows has a built-in command-line tool called msinfo32 (System Information). While it launches a GUI by default, you can query it from the command line.

# Open Command Prompt or PowerShell
msinfo32 /report C:\hardware_report.txt

# The output will be saved to the specified file.
# You can also get a summarized version with systeminfo.exe
systeminfo.exe

macOS

The system_profiler command provides a very comprehensive report of all hardware and software on a Mac.

# Get a short, high-level summary of the system
system_profiler SPHardwareDataType

# Get a full report, which can be very long
system_profiler

To get a more readable, formatted output, you can save it to a text file.

system_profiler > ~/Desktop/hardware_report.txt
Back to top