Different Types of Virtualization
Vložit
- čas přidán 29. 05. 2024
- In this video I discuss different forms of virtualization (mostly type 1, type 2 hypervisors and containers)
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Wownero
WW3AbGBJtdSJEhRhRZYiPEUdyPZqVQaUFb4XmvafJ7SaiXmEuzV14Zw7UZGVxNJvF1jVDQd8UXxyXV6T5v4bYPV82WayFzwkc
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my CZcams channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. - Věda a technologie
I run all my software within my turning complete Minecraft Redstone computer. it is always safe to do so, not many viruses have gotten through my actual system yet.
And intel management engine cant bother you
@@canismajoris9115 but the glowies do keep trying to get me tho, lol. the other day I was in a Starbucks and this young lady approached and took a seat next to me, I was optimizing a few of the memory modules of my redstone-system. and she asked me what I was doing, heck, she even dared look directly at my eyes. I BET SHE WAS A GLOW IN THE DARK CIA N* TRYING TO GET ME TO SPILL MY PRIVATE INFORMATION. I called her out for the horrible person she was and punched her in the face before leaving in a sprint for my safety. I was not sure if there were more Glowies waiting for me on my way home so I took a rest under a bridge for a few days.
@@__-kd8oz You need help
@@__-kd8oz based
Someone called SethBling wrote a snes emulator in minecraft command blocks.
I like how he just gets straight to the point
Yep
HI GUYS AND WELCOME BACK TO *ANOTHER LINUX VIDEO* MAKE SURE TO HIT LIFE AND SMASH MY BUSSY
@@LabiaLicker Make the gay go away.
@@MastarCheef1337 homophobic much?
exactly
Mental Outlaw, the man carrying me through my cybersecurity degree.
No wonder he's so buff
I second this
i found this channel 3 months too late
There are cybersecurity degrees?
Perfect timing with the Windows 11 leak
@@ea9849 what's the step up from the free one?
@@ea9849 how can we dm you this is youtube
@@ea9849 Bro will probably sneak some FUD's on that sweety Pro16
magnet: ?xt=urn:btih:7101c26a2ba10ab2374dcc171f92a443bdc986c5&dn=21996.1.210529-1541.co_release_CLIENT_CONSUMER_x64FRE_en-us.iso
remove the space between magnet and the ? for the magnet link
edit: i added the space because youtube deletes my comment otherwise
@@p6n7l that's a torrent (or similar) link. Use a VPN when using it
the matrix is the only kind of virtualization
Underrated comment
Mmmm...blue pill please...they are the yummiest
@@littlepeon tbh I need the red pill-
@@littlepeon You spelled commieest wrong.
Tier 0 Hypervisor
For those still not clear on the container-based virtualization (CBV) and hypervisor-based virtualization (HBV).
CBV like Docker virtualize the OS. It captures system/kernel calls, like opening file handles, making network sockets, making new threads etc. and translates these system calls to the native host's system calls. There is no separate guest OS running for the guest application. The application runs directly on the host OS, but it can't access other files and folders because it is namespace-isolated. The "/" directory for the guest application might be "/home/username/appname/" for you.
HBV like VirtualBox, QEMU, VMware and more virtualize the hardware instead of the OS. So you do in fact run a guest OS on top of your host OS. System calls are not translated for the guest app, it talks directly to the guest OS. It is when the guest OS tries to fulfil the system call by talking to hardware, is when the hypervisor comes into play. When the guest OS for example wants to read sector X of your HDD, it translates that to what location in the actual, physical HDD it belongs to, and then the corresponding file is requested by the hypervisor from the host OS (for type-2, in type-1 the hypervisor is also the host OS so it simply reads the corresponding sector itself), gets the file, read the right location, and return it back to the guest OS, which returns it to the guest app. You can see why this might be slow.
(CBV and HBV are not actual abbreviations, I just made them up for my own convenience.)
So ciuld wine be considered a kind of container?
Emulating the hardware is usually easier, as there is a lot of closed source software. That's why you only can have good NVIDIA experience with its native drivers. Which probably cannot be done without hypervisor with hardware passthrough to the VM.
During my school days virtualization was so annoying. Making whole VM network was a pain.. but I'm time I start to see pros and cons of it. Nowadays I can't live without for example proxmox. This tech became so convinient ...
Back in school, when I learned to write C++, I never considered Virtualisation as an option. It was so slow and the performance loss was not worth the slightly easier management.
Nowdays with efficient VMs, Docker, Kubernetes, .... at our Fingertips (hardware support in desktop CPUs) it is a welcome option.
We currently have some stuff where we need to create VMs and a network just for the VMs at school. Was pretty easy to set up a virtual switch on my ESXi at home. My classmates who are running their VMs on their laptops had more issues though
What are you doing with lulzsec logo?
One thing that I noticed is that VirtualBox works pretty good inside Windows even in a low end machine, but on Linux for whatever reason it's incredible slow, at least for me. Then I tried Qemu + KVM and boom, loading and installation times got really fast. Unfortunately the graphics virtualization just sucks unless you do a PCI passthrought. But honestly on Linux the best virtualization experience is going to be with Qemu with virt-manager.
I'd recommend looking into VirtIO graphics and intel gvt-g for gpu virtualization in qemu. PCI passtrough is the easiest to set up if you already have the hardware though.
@@camwha5904 I was experimenting a little with the virtio graphics and it kinda works but it's really buggy on my old hardware (ivybridge). But it's way better than qxl.
Hypervisers Type 1 0:00
Xen & Qubes OS 2:00
Type1 vs 2 vs 1.5 3:43
Type 2 4:50
Docker 7:23
So, I feel the need to be pedantic. VirtualBox's BIOS is GPLv2, and easily visible in the source tree, in src/VBox/Devices/PC/BIOS (for BIOS) or src/VBox/Devices/EFI/Firmware (for EFI).
Its compiled with a tool chain that does not meet the criteria to be a free and opensource.
The source code is avaible but as long as you compile it with a proprietary compiler the software is not open source
@@satra1102 honestly, this is one of those "who cares" situation.
@@satra1102 First off, I agree with the "who cares" part, but since you want to be that pedantic, I'm going to point out your pedanticity is wrong.
Second off, the "All distributions" version of VirtualBox is built with "GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7-22.0.1)". This is, believe it or not, an open-source toolchain. So, you were saying?
@@satra1102 Its not free but it is open source . They use OpenWatcom compiler , which's license requires you to share software modifications not only if you distribute but also if you use privately (like googles private linux distro) . FSF says that is not free . But the compiler's source code is open , just not libre
An episode on Qubes would be really cool
kvm is actually for type-1 virtual machines. Installing it effectively turns the "host" operating system into a type-1 hypervisor, since all hypervisors do need basic OS features. The difference is that you still have complete access to the underlying components since they are just a linux OS, so you can trat it as if it is a type-2 virtualizer if you want to.
PCI-e passthrough is a pain to deal with sometimes, but whenever it works it's amazing. I tried to pass a quad gigabit nic from Proxmox to a VM, but the card was on the same IOMMU group as the internal NIC so it passed in both and I lost access to the Proxmox web gui, later I found out that it's impossible to seperate them because of the electrical wiring on the motherboard itself. Fun times.
I feel like that 10 minute explanation was exactly what I needed I got so much information it was unreal. I was looking at type one hypervisors and wanted to know a little more about them.. Yeah this put a lot of information into perspective and I highly recommend this video for learning more about virtualization.
Bit of a clarification: As far as the type 1 hypervisor for VMware goes, that'd be ESXI. Vsphere is the configuration manager.
Thank you for the many videos lately. Really enjoying these.
Muta: **zips pants**
gpu passthrough with qemu-kvm is the best thing ever
Please tell me you watch mutahar
@@Metali-slay-deth-thrax who doesn't?
containers are not related to virtualization at all, they are native applications running natively on the host hardware, even using the same kernel, they are just as separated from all the other components of the system (security-wise) as possible.
they can have similar limits (like RAM, CPU, etc.), and serve similar purposes like virtualization, but they are not the same kind. not at all.
Yep. They are completely separate. Might be a good follow-up video though.
I would like to say that it is possible to run a Windows application in a Docker containger, so this isn't entirely true. You can run a Fedora container on a Debian host. All that's necessary is that the host system should be Linux-based (because it needs namespace isolations and other stuff I don't know which is easy/exclusive to program in Linux).
So the difference is just that containers are just a locked down app? Wasnt there supposed to be advantages with differing versions too?
is there a good video out there to understand the difference?
Thats not entirely true because yes you are running on the same kernel, but the os you are running in is vitrualized.
The Problem here is the definition of virtualization.
Containers or jails as they were called in the old days are a completly different way of doing things then the classical i will run a Computer in a computer. It's more like I run an OS inside an OS or arguably i run a Userspace inside a Userspace.
With your look at virtualization one could argue, that a real bare metal hypervisor is just 2 Computers running on the same Hardware and not virtualization. And the only true virtualization is Type two Hypervisors.
@@sarah-kx5dl How docker works - intro to namespaces by liveoverflow is a good starting point.
i like your comment about security through obscurity!
This might be helpful for the SEC+ cert I'm currently studying for thanks!
Can you do QEMU tutorial? All the ones I'm finding are bad and the documentation is not beginner friendly.
Try using virt-manager instead, it's a front end to QEMU. If you need to mess with your VMs once they're created you can go in and edit the config files, much easier to do this way than trying to learn QEMU from scratch.
The arch wiki has a very straightforward first-time guide and the gentoo wiki has an article on the more popular options to pass (amount of resources, kvm acceleration, etc.). Once you get an OS installed on a disk image, you can just save your launch command with all its options as an executable shell script :)
Also if you like GNOME, Boxes is just a front-end for qemu.
touhou
Hey thanks for making a vid on Qubes OS; I've been wanting a straight forward explanation about it.
Thank you for this. I wasn't sure exactly what all the hype around containers like Docker or Kubernetes was...
This channel is a gem
I was just wondering about this! Watched a video that touched on KVM less than an hour ago.
VMs are great for compartmentalisation. I should’ve gotten into them sooner
Check containerd it is basically replacing docker to be the standard
Basically anything is overall better than docker
On RHEL based distro they prefer podman
podman is from red hat. If u want it more raw then docker check moby? i guess
I don't know much about it, but I've also heard of something similar to these things: Nix / NixOS
You got me into virtualizing windows
thanks for the explanation, cheers!
Thank you for this video, Now I can do pci express pass through for free, Something that should come with and be expected in virtual machines.
Good video. You can also usb passthrough to qemu ;)
I swear you know exactly what I am working on..
Thanks a lot, learned a lot!
Qemu and vmware workstation would be hybrids, because they can both operate as Type 1 or Type 2 depending on if they are using host accel, IE. Kvm/WHPX.
Also anticheats are starting to block VM gaming
@Xarvveron ?
Thankfully EasyAntiCheat leaves it up to the game developers for whether or not VM's should be bannable, and I haven't been banned on games which use that. BattleEye games (R6 siege, Escape from Tarkov, etc) will ban you for using a VM. Genshin and Valorant block VMs. But every other game in existence works perfectly fine with VM gaming rn
@@clocked0 You don't get banned for using a VM, you get banned if you try to bypass it. But battle I does block VMs. You're right about easy anti-cheat though thankfully
@@clocked0 there are methods to hiding a vm from these anti cheat services but most of the well known methods have been patched and the unknown ones are kept super secretly by the people who know them (like it’s utilizing an exploit on a new linux kernel release from a week ago that they only know for now). You can technically best the anti cheat softwares with enough brute force, research, and tinkering but they’re the ones with control over your account in the end so the risks can be pretty high
Different style video but I liked it a lot :)
How about Proxmox as a bare metal hypervisor? It's free and opensource and really nice to use.
Great vid, but I wish you would've talked more about Xen and KVM.
1. cpu demand can be quite high due to anti cheats and drm especially denuvo.
2. if you are not playing online anti cheat should not be a problem.
3. i think a simple supervisor/warden like system could be built into the vm that reserves a few cpu cycles to detecting if the vm is not responding and reboot it.
it would be like the mac books have where they will reboot if they freeze
VMs are pretty good for gaming, but I've had trouble running some games on them. They're good, but not perfect.
Hi Lincoln
How does League of Legends play with vms?
@@sarscio I'm pretty sure it runs fine if you do gpu pass-through. The only games I can't run are valorant and rainbow 6. I had trouble running genshin but I figured it out. If you pass-through a gpu, almost all games will run like they where on windows
@@whathandleisnttaken heard you have to enable hyper v and add some lines in the XML to get valorant, r6s or genshin running under the vm with gpu passed in
@@doragonmeido it used to work, but I think they patched it.
Good video I don't quite understand the difference between type 1 and type 2 tho. Like what exactly does type 1 do to run on the hardware and get better performance?
We need something like SR-IOV support for the consumer GPUs, then we would be able to run everything virtualized with full hardware acceleration without any container or VM being able to access anything which doesn’t belong to it, would be much more secure and great for Linux gaming, cause no GPUs are available, and currently we need at least two to run a Windows VM for Gaming, which is ridiculous.
Basically one idling all the time, the other working.
While nobody gets a single GPU.
Nvidias 3000 lineup support SR-IOV via hardware, but that’s it, they wait for AMD or whomever to enable it first to magically get that feature either if needed to be more competitive.
We need to demonstrate against that shit, that feature is really important and should be enabled for everyone.
Currently only super expensive pro cards for 10 grand or whatever and or with monthly multiple grand subscription fees you get that feature eventually.
AMD had one card a few years ago a FirePro or whatever forgot the name, super expensive card worse than consumer cards, but without subscription.
Level1Tech does good videos about it.
Cards without sth. similar to SR-IOV should be illegal.
Imagine your CPU not being able to run virtual machines.
I don't understand a lot of that but i agree
just use proton, no need for a windows vm nowadays.
besides, many gaming pc's already have 2 gpu's, a dedicated and a cpu-integrated one.
Where does the standart Windows sandbox stands? From description it is container based. Is it any good compared to alternatives?
very nice
Have you heard about Jails in FreeBSD. I know you don’t talk about the BSDs but it’s one of the oldest virtualization system that has very little overhead.
or bhyve, more recently
Next video lets talk about containers please!
Thanks 🙏
Macs have integrated and dedicated graphics, could qemu work for gaming?
Finally... A straightforward, no BS overview focused on the most used choices within virtualization/containerization, their practical application, and comparisons of how each relates to another.
Great video and even better demonstration of knowledge related to these technologies.
I don't understand why there isn't other content like this among other reputable content creators. It seems like most other videos are more geared towards a singular view or comparison.
👍
i remember qemu being part of using swift on arm originally
Aw yes I'm hooked
Docker is cool but I do really recommend also LXD/LXC Linux containers + WEB manager LXDUI.
It's worth mentioning that with PCIe passthrough, you don't generally need to buy a second graphics card if your CPU has integrated graphics.
Ive been wondering why you dont use QEMU/KVM with virt-manager, can you tell me why that is?
IBM POWER/pSeries systems have a hypervisor at the firmware level. Moreover, most setups use multiple Virtual I/O Servers that run as LPARs (VMs).
Quite a bit different than the type 1 hypervisors you see on Intel/AMD platforms.
Nice, now why not a few videos on installation and use of Dockers, QEMU and virt-manger?
One of the things I like to do with VMs is a 1 pc 4 people set up. Which basically 4 people sharing one pc. Each one have their own VM windows. Problem with this setup is that you need a beefy PC, luckily my work station pc has a threadripper 3990x, 64gb ram and 2060 super + radeon 7 so this is doable for me...
Does wine count?
wine is an emulator :P
@@isAif47 it is not
@@pakistanigamer6525 agree, I thought I was funny to say it's an emulator when in the name itself it says "wine is not an emulator".
Sorry for confusion.
WINE is what's known as a 'compatibility layer'. It's not strictly an emulator or a hypervisor.
For someone who doesn't know computers, how long (estimate) would it take to learn Linux?
I tried xcp-ng, but the boot from USB install media ends with reboot without any message. Safe mode is way too slow, like screen scrolling messages up during boot takes 1 sec to scroll 1 line up to free space for the next message and I did not have the patience to wait more than 20 minutes and safe mode was still booting. I now use small Arch installation with kvm, libvirt and qemu. It is a lot of fun and frustration at the same time. I managed to successfully passthrough my Nvidia card. That took couple of days.
Even if you have a CPU older than a decade and that doesn't support virtualization, you can still run virtual machines.
Is using VM on Windows good for privacy ? As in can Windows see everything I do on the VM?
Windows can see what you do on your vm, but in theory in cant see outside of the vm
@@canismajoris9115 thanks for clearing that up
@@canismajoris9115 I think he means running vm's on a windows machine(windows being the host) and not the other way around.
@@weshela-in-chief do you mean running windows in a vm or running a vm in windows what os is the host? privacy is good if windows is in a vm but if your main systems running it its way worse
I've used VirtualBox and Vagrant to match my development environment to that of my Digital Ocean instance when web developing. But haven't used VM for anything else.
What am I missing? Anything fun.
You can now use docker for that.
Not missing anything that I know of. If you are on mac (or windows i assume) then docker will not be any faster than vagrant/virtualbox for a local environment. I also find ansible much better to work with than docker. Anyways, other uses of VMs: try out a new OS, use windows semi-securely by destroying it to bits after each use, boot up xp to feel nostalgic, safely inspect infected files, test updates, you could even run a vm inside a vm if you really want to be a weirdo about it.
@@eritert I'm on Linux mint distro. I wouldn't mind booting Windows to get my Adobe CC working. So I don't have to boot my old Win7 Dell precision 😬
@@AlenAbdula Hey what's wrong with a Dell Precision running Windows 7!?
@@FlyboyHelosim nothing, im still using it for my photography work and design, but Adobe CC slowly fading out support. It is what it is
I was just going to create a virtual machine, thank you!
are there any VMs out there that literally simulate a CPU? that would be super slow but I imagine it could be the most secure vm possible
I'm pretty sure that would be an emulator.
@@ashtentheplatypus yes, I think itd be both
Arent all emulators virtual machines?
It would still be secure if your (intel) cpu is compromise?
@@cardd1577 Not if I libreroot the fuck out of it Hahaha
@@AndyChamberlainMusic The difference is that with a VM, it's the hardware pretending, whereas with an emulator, it's the software pretending.
Isn't Windows also a type 1 hypervisor? I remember reading somewhere that it is
They're probably talking about Hyper-V. It's a type 1 hypervisor technology from Microsoft that does NOT come pre-installed with windows, but can easily be enabled and downloaded (as an update). It's similar to KVM to the fact that it runs side-by-side with the windows kernel, but it lacks a lot of features compared to KVM, Xen or ESX(i).
I really wish nvidia would enable sr-iov on their consumer cards. Would love to run linux host and windows gaming vm on kvm on one card
"You're typically not gonna see a type 1 especially at a home desktop"
Uh, the very prolific WSL2 for consumer windows would like a word..
If you [somehow] haven't heard of it, it's like Qubes except your interface in your regular windows install, and you can just run any native linux code through the windows ui on the linux sibling hyperv kernel/s
Not for security, but ease of use and is pretty stellar. P9-facilitated, seamless, two-way filesystem mounts, cli interactivity, and graphics & raw disk passthroughs.
But only for linux and no real control over other block devices for the linux kernel (but it *is* a real kernel and ive compiled my own to get wireguard working and it operates very close to metal).
Thank you for uploading this, I'm literally getting windows 11 ready for testing. I will definitely try these sometime.
Yes qubes is awesome and easy
I understand,
Type-1 (Bare-Metal) : Hypervisors like Qubes-Os,
Type-2 (Hosted) : VirtualBox w/proprietary BIOS, QEMU (free PCIe passthru)
Docker Container
But what is meant by KVM hypervisor available only on Linux? Windows only has Hyper-V? Where does WSL2 fit in?
What about LXD??
Or CHROOT??
(The latter is not a VM)
yesssss
AFAIK Docker is not designed with security in mind and it appears to be afterthought. Any evidence to contrary?
Aight then.
Ey bro I love the content. This video came out a week after I bought myself my server.
Now install Proxmax and you'll be a happy person
Qubes: the best OS for coomers
Cover mixnets nym is the biggest
Where would something like WSL fall into?
Since WSL2, it is virtual machine managed by the windows hypervisor (HyperV) which you can connect through the windows terminal. Windows 10 itself has it's own virtual machine software which you can find by searching HyperV Manager on the start menu.
Additionally, if you have WSL2 you have HyperV turned on which can make virtualization by third party solutions very slow.
This is really more of what's known as a 'compatibility layer' than a hypervisor.
Make a tutorial about docker. tried it but got too booring to use it
So how secure is Docker? Since it's layer 3. Not that secure, huh?
YES! HE SAID DOCKER!
No outtakes? :)
If you don’t use a Kubernetes Cluster to play video games are you really playing video games?
Many hosters (Netcup for example) use KVM for virtualisation
If you are running Windows or MacOS in the host computer, you will still spin up a VM to run Docker. Docker requires Linux, and the trick to get it running on other OSes is to launch a VM with Linux, just the way Windows runs WSL or ChromeOS runs its Linux instance. So, Docker is only convenient in a fundamental way to Linux users. Also, you can't run nothing but Linux inside a Docker container.
What[ forum are you on. I would like to talk
No mention of Proxmox? Shame!
Proxmox is pretty cool to run VMs in if you have a spare desktop that you can load up with a ton of RAM.
Q: who you see Openstack in this Area, i saw this often as alternative to VMware, whats your exp on it
What's the best option if I just want to run a shitty windows program that doesn't work anywhere else?
Most simple pre-windows 10 software would run in "Linux Wine" without any hypervisors
@@dvr2alarm we're talking about a shitty tax software that has to do a lot of weird magic. Wine didn't cut it.
Lxc containers just crying in the background
Next week: Bochs emulator
you didn't mention the main advantage of containers which is that you can share containers and they can run everywhere..
unikernels when
The Problem about the docker is not virtualization is the definition of virtualization.
Containers or jails as they were called in the old days are a completly different way of doing things then the classical i will run a Computer in a computer. It's more like I run an OS inside an OS or arguably i run a Userspace inside a Userspace.
With that point of view of virtualization one could argue, that a real bare metal hypervisor is just 2 Computers running on the same Hardware and not virtualization. And the only true virtualization is Type two Hypervisors.
Yeah I always wondered about the definition of Type-1 hypervisors. I guess it's because the operating systems aren't installed directly to hardware but through a hypervisor that acts as a middleman between the hardware and OS's.
I found VirtManager more usefull than VirtualBox
Reminds me of single GPU passtrough.
You smart, you loyal and I appreciate you
choek segde te gleam
GPU passthrough is something you can do with virtualization. It reminds you of it because that's what it is. Amazing.
@@ldskjfhslkjdhflkjdhf I know. I said it as a joke because months ago I spammed a ton of videos on this channel with a request for a "Single GPU passtrough" video tutorial.
Based
7:07 like what??
Last time I was this early firefox was still emerging