0x364 Virtualization

• 1. Native Hypervisor (Type-1)
  • 1.1. x86 virtualization
• 2. Hosted Hypervisor (Type-2)
• 3. OS Virtualization (Container)
  • 3.2. Namespaces
  • 3.3. Control group (cgroup)

1. Native Hypervisor (Type-1)

installed on bare metal, e.g. Hyper-V

1.1. x86 virtualization

There are two implementation in x86, one is to use hardware support from ring-1 enabled by Intel VT-x or AMD-V. An alternative approach is to use hypercall.

2. Hosted Hypervisor (Type-2)

installed on OS, e.g. virtualbox

3. OS Virtualization (Container)

Containers are a method of

• packaging an application executable and its dependencies (runtime, system tools, libraries..)
• running the package as a set of resource-isolated processes

It is vital to understand that a running container shares the kernel of the hostmachine. This means Windows container needs to run on a Windows OS, linux container on a linux OS. There are exceptions: linux container can be run on Windows using Hyper-V or WSL, it can run on Mac OS using lightweight linux VM

Read this online book about Docker.

Check this video

3.2. Namespaces

3.3. Control group (cgroup)