Intel announced the launch of a new version of the hypervisor "Cloud Hypervisor 0.3" which eIt's an open source virtual machine monitor running over KVM. The project focuses on exclusively running modern workloads in the cloud, plus a limited set of hardware platforms and architectures.
Cloud workloads refer to those that are typically run by clients within a cloud provider. The hypervisor is based on the components of the joint Rust-VMM project, in which Alibaba, Amazon, Google and Red Hat also participate, in addition to Intel.
Rust-VMM is written in Rust and allows you to create specific hypervisors for specific tasks. Cloud Hypervisor is one of those hypervisors that provides a high-level Virtual Machine Monitor (VMM) and is optimized to meet the challenges of cloud computing.
Cloud Hypervisor focuses on releasing modern Linux distributions using paravirtualized virtio devices.
Of the key tasks stand out: high responsiveness, low memory consumption, high performance, simplified configuration and reduced potential attack vectors.
Emulation support is minimized and the emphasis is on paravirtualization. Currently only x86_64 systems are supported, but the plans also include support for AArch64. Of the guest systems, currently Only 64-bit Linux builds are supported. CPU, memory, PCI and NVDIMM are configured at the build stage and virtual machines can also be migrated between servers.
The project code is available under the Apache 2.0 license.
Main new features of Cloud Hypervisor 0.3
In this new version of Cloud Hypervisor 0.3 stands out elimination of paravirtualized I / O in individual processes. For interaction with block devices, the ability to use vhost-user-blk backends has been added.
The change allows to connect block devices based on the vhost -user module, like SPDK, to the Cloud Hypervisor as backends for paravirtualized storages.
El support for removing network operations on vhost -user-net backends that appeared in the previous version are extended with a new backend based on the TAP virtual network controller. The backend is written in Rust and is now used by Cloud Hypervisor as the primary paravirtualized network architecture.
To increase the efficiency and security of communications between the host environment and the guest system, a hybrid implementation of sockets with AF_VSOCK addressing is proposed (virtual network sockets), working through virtio.
The implementation is based on the experience of the Firecracker project, developed by Amazon. VSOCK allows you to use the standard POSIX socket API for interaction between applications on the guest system and the host side, which facilitates the adaptation of regular network programs for such interaction and to implement the interaction of several client programs with a server application.
Another change that stands out is that initial support is provided for the management API using the HTTP protocol. In the future, this API will allow you to start asynchronous operations on guest systems, such as hot-plugging resources and migrating environments.
Also highlighted is the addition of a layer with the virtio MMIO (virtio memory mapped) -based transport implementation, which can be used to create minimalist guest systems that do not require PCI bus emulation.
As part of an initiative to expand support for embedded guest release, Cloud Hypervisor has added the ability to forward paravirtualized IOMMU devices through virtio, which can increase the security of embedded and direct device forwarding.
Finally of the other novelties that are highlighted in the ad, are the sSupport provided for Ubuntu 19.10, and also the added ability to run guest systems with more than 64GB of RAM.
If you want to know more about it, as well as being able to work with this Hypervisor, you can check the details In the following link.