Linux Virtualization Concepts
External
- https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Getting_Started_Guide/index.html
- https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Deployment_and_Administration_Guide/index.html
Internal
Generic Virtualization Concepts
Virtualization Solutions from Red Hat
RHEL 7 includes a hypervisor and a number of virtualization tools, which allows running guest operating systems, so it can function as a virtualization platform. However, the solution supports a limited number of guests per host and a limited range of guest types. Red Hat Virtualization is an enterprise virtualization solution based on the KVM technology, offering more features than Red Hat Enterprise Linux. Red Hat OpenStack Platform support OpenStack clouds.
KVM (Kernel-based Virtual Machine)
KVM is a hypervisor that only runs on systems with hardware supporting virtualization extensions. It is built into the standard RHEL 7 kernel, and it can run Linux, Windows, Solaris and BSD guests. KVM is integrated with the Quick Emulator (QEMU). KVM is managed with the libvirt API. The virtual machines are executed as multi-threaded Linux processes controlled by tools built in top of libvirt. KVM supports overcommitting, kernel same-page merging (KSM), disk I/O throttling, automatic NUMA balancing and virtual CPU hot add.
Xen
Xen can do full virtualization on systems that support virtualization extensions, but can also work as hypervisor on the machines that don't.
Quick Emulator (QEMU)
QEMU Guest Agent
The QEMU guest agent runs on the guest operating system and makes it possible for the host machine to issue commands to the guest operating system.
libvirt
libvirt is a package providing a hypervisor-independent C-based API that can be used to manage KVM.
Storage and Virtualization
Networking and Virtualization
Security and Virtualization
KVM virtual machines use SELinux and sVirt to enforce security.
sVirt
sVirt is a technology included in RHEL 7 to integrate SELinux and virtualization. It applies Mandatory Access Control (MAC) to improve security when using virtual machines.
Steal Time
"Steal time" is the percentage of time a virtual CPU waits for real CPU while the hypervisor is servicing another virtual processor.
A high value means the physical CPU is overcommitted and more physical CPU should be allocated to the environment - or the VM should be moved on a different physical server. The steal time is reported by vmstat st.