KVM is a popular open-source virtualization solution for Linux that turns the kernel into a hypervisor.
- virt-install: Creates new VMs. It allows specifying various parameters like the name, disk, memory, network interface and more during the VM creation process.
virt-install --name=vm_name --vcpus=2 --memory=2048 --cdrom=/path/to/install.iso --disk size=20G,format=qcow2 --os-type=linux --os-variant=generic- virsh start : Starts a specified VM.
virsh start vm_name- virsh shutdown : Gracefully shutdown a specified VM.
virsh shutdown vm_name- virsh reboot : Reboots a specified VM.
virsh reboot vm_name- virsh destroy : Forcibly stop a specified VM. This is equivalent to unplugging the power cord.
virsh destroy vm_name- virsh undefine : Deletes a VM definition. This does not delete the VM's storage volumes.
virsh undefine vm_name- virsh list [--all]: Lists all running VMs. The --all flag includes stopped VMs in the list.
# Create
qemu-img create -f qcow2 /path/to/image.qcow2 20G
# Resize
qemu-img resize /path/to/image.qcow2 +10G
# Clone
virt-clone --original vm_name --name new_vm_name --auto-clone# List all defined networks
virsh net-list --all
# Starts a specified network
virsh net-start default
# Stops a specified network
virsh net-stop default
# Delete a network definition
virsh net-undefine default# Displays information about a specified VM
virsh dominfo vm_name
# Lists all block devices for a specified VM
virsh domblklist vm_name
# Show the VNC display port for a specified VM, allowing remote access to the VM's console.
virsh vncdisplay vm_name- Hardware-assisted virtualization: KVM turns the Linux kernel into a hypervisor. It leverages CPU extensions designed for virtualiztion (Intel VT-x or AMD-V) to run VMs("guests") directly on the hardware, which significantly improves the performance by allowing most guest code to execute unmodified at near-native speed.
- Kernel Integration: Being part of the linux kernel, KVM benefits from kernel features such as scheduling, memory management and security applying these directly to VM management.
- Device Emulation: QEMU is capable of emulating a wide range of hardware peripherals (network cards, disk controllers, GPUs, etc..) making it possible to create virtual hardware environments for VMs that mimic real systems.
- User-space Components: Operating in user space, QEMU interacts with KVM to launch VMs and provides emulation layer for devices not handled by KVM or for which direct hardware access isn't possible or desired.
QEMU initiates the creation of a VM, setting up the virtual hardware environment. It then utilizes the KVM to create and manage VM's processes, leveraging KVM's integration with Linux kernel for efficient execution.
For CPU-intensive tasks, KVM directly executes guest code on the host CPU, using hardware virtualization features to ensure isolation and performance. This direct execution path significantly reduces overhead compared to full emulation.
For device I/O operations, QEMU emulates the virtual hardware devices of a VM. When a guest OS attempts to interact with a hardware device, QEMU intercepts these calls and emulates the expected behavior of the hardware, providing the quest with a realistic operating environment.
KVM manages memory of VMs through Linux kernel, using standard memory management techniques and additional features like huge pages for performance. QEMu interacts with KVM to allocate, map and access the VM's memory space.
QEMU can emulate network interfaces for VMs and also supports bridged networking, allowing VMs to be connected to real network segments transparently.
QEMU provides virtual graphics adapters and input/output devices for VMs, allowing users to interact with their VMs using standard peripherals like keyboards, mice and monitoprs.
Here's a table summarizing the key differences between Virtual Machines (VMs) and Containers:
| Feature | Virtual Machines (VMs) | Containers |
|---|---|---|
| Virtualization Level | Hardware-level virtualization | Operating system-level virtualization |
| Isolation | Complete isolation between VMs | Isolated from each other but share the host OS kernel |
| Resource Requirements | Higher (full OS plus virtual hardware per VM) | Lower (share host OS, smaller footprint) |
| Startup Time | Longer (involves booting an OS) | Faster (no OS to boot, starts application directly) |
| Portability | Less portable (tied to hypervisor) | Highly portable (encapsulates application and its dependencies) |
| Use Cases | Ideal for applications needing full OS, specific resource allocations, or hardware-level isolation | Suited for microservices, scalable applications, development/testing environments |
| Operating System | Each VM runs its own OS | Containers on the same host share the host's OS kernel |
| Density | Lower (due to resource requirements of each VM) | Higher (due to shared OS and lower resource requirements) |
| Management | Managed per VM (each VM is an isolated environment) | Managed as a set of interrelated containers running on a single OS |
| Security | Strong isolation can lead to higher security | Security depends on kernel isolation features; less isolated than VMs |
This table highlights the fundamental differences and typical use cases for VMs and Containers, helping you choose the right technology based on your specific requirements.