Taxonomy of Virtualization Techniques
Virtualization is not a single technology — it is a family of techniques applied across different layers of the computing stack. The taxonomy is organized along three primary axes: Execution, Storage, and Network virtualization.
---
Axis 1: Execution Virtualization
Execution virtualization abstracts the processing environment. It has three sub-levels:
A. Machine-Level Virtualization
The hypervisor virtualizes the entire hardware platform. Guest OSes run unmodified (or with minor cooperation).
- Full Virtualization: Guest OS runs completely unmodified. Hypervisor traps privileged instructions and emulates them. Examples: VMware ESXi, KVM with hardware-assisted VT-x/AMD-V.
- Para-Virtualization: Guest OS is modified to issue hypercalls instead of privileged instructions, communicating directly with the hypervisor. More efficient but requires OS changes. Example: Xen with PV guests.
- Partial Virtualization: Only some hardware resources are virtualized. Not all privileged instructions are handled; not all guest OSes can run unmodified. Historically used in research contexts.
B. OS-Level Virtualization (Containers)
The host OS kernel is shared among multiple isolated user-space instances (containers). No separate guest kernel is needed.
- Examples: Docker, LXC, Podman.
- Lighter than full VMs, with millisecond startup, but weaker isolation: all containers share the host kernel.
C. Programming-Language-Level Virtualization
An abstract virtual machine interprets or JIT-compiles language bytecode, providing a portable execution environment.
- JVM (Java Virtual Machine): Java bytecode runs on any platform with a JVM.
- CLR (Common Language Runtime): .NET's virtual execution engine.
---
Axis 2: Storage Virtualization
Physical storage resources are pooled and presented as logical volumes.
- SAN (Storage Area Network): Block-level storage accessed over Fibre Channel or iSCSI. Appears as local disk to hosts.
- NAS (Network-Attached Storage): File-level storage over NFS or SMB. Simpler management.
- Distributed/Virtual File Systems: GFS, HDFS, Ceph — abstract storage across commodity hardware.
---
Axis 3: Network Virtualization
Physical network infrastructure is abstracted into logical networks.
- VLANs: IEEE 802.1Q tagging isolates broadcast domains on shared switches.
- VPNs: Encrypted tunnels create private logical networks over public infrastructure.
- SDN (Software-Defined Networking): Control plane separated from data plane; a centralized, programmable controller manages the forwarding devices (for example, over OpenFlow).
- Overlay Networks: VXLAN, GRE — encapsulate packets to extend L2 over L3 networks.
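To make the VLAN and overlay entries concrete, the following added example (not part of the original page) parses a VXLAN-encapsulated frame and extracts the 802.1Q VLAN IDs and the VXLAN VNI, the header fields that identify which logical network a packet belongs to. The helper names and the sample values (underlay VLAN 100, VNI 5001, tenant VLAN 10) are constructed for illustration.

```python
import struct

ETH_P_8021Q, ETH_P_IPV4 = 0x8100, 0x0800  # 802.1Q TPID, IPv4 EtherType
VXLAN_PORT = 4789  # IANA-assigned VXLAN UDP port (RFC 7348)

def parse_ethernet(frame):
    """Return (vlan_id or None, ethertype, payload) for one Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    vlan_id, offset = None, 14
    if ethertype == ETH_P_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan_id, offset = tci & 0x0FFF, 18  # low 12 bits of the TCI = VLAN ID
    return vlan_id, ethertype, frame[offset:]

def parse_vxlan(udp_payload):
    """Return (vni, inner_frame) from the 8-byte VXLAN header."""
    if len(udp_payload) < 8 or not udp_payload[0] & 0x08:  # I flag: VNI valid
        raise ValueError("not a valid VXLAN header")
    return int.from_bytes(udp_payload[4:7], "big"), udp_payload[8:]

def describe(outer_frame):
    """Walk outer Ethernet -> IPv4 -> UDP -> VXLAN -> inner Ethernet."""
    outer_vlan, etype, ip = parse_ethernet(outer_frame)
    result = {"outer_vlan": outer_vlan, "vni": None, "inner_vlan": None}
    if etype != ETH_P_IPV4 or len(ip) < 20 or ip[9] != 17:  # 17 = UDP
        return result
    udp = ip[(ip[0] & 0x0F) * 4:]  # skip the IPv4 header (IHL words)
    if len(udp) < 8 or struct.unpack("!H", udp[2:4])[0] != VXLAN_PORT:
        return result
    result["vni"], inner = parse_vxlan(udp[8:])
    result["inner_vlan"] = parse_ethernet(inner)[0]
    return result

# Constructed sample: a tenant frame on VLAN 10 inside VXLAN segment 5001,
# carried over underlay VLAN 100. MAC/IP addresses and checksums are zeroed.
def eth(vlan, etype, payload):
    tag = struct.pack("!HH", ETH_P_8021Q, vlan) if vlan is not None else b""
    return bytes(12) + tag + struct.pack("!H", etype) + payload

INNER = eth(10, ETH_P_IPV4, b"tenant-data")
VXLAN = bytes([0x08, 0, 0, 0]) + (5001).to_bytes(3, "big") + b"\x00" + INNER
UDP = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(VXLAN), 0) + VXLAN
IP = bytes([0x45]) + bytes(8) + bytes([17]) + bytes(10) + UDP
SAMPLE = eth(100, ETH_P_IPV4, IP)
print(describe(SAMPLE))
```

The tenant's VLAN tag sits inside the UDP payload, so an underlay device that inspects only the outer headers sees VLAN 100 and never the inner VLAN 10.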
---
Execution Virtualization Comparison
| Feature | Full Virtualization | Para-Virtualization | Partial Virtualization |
|---|---|---|---|
| Guest OS modification | None required | Required (hypercalls) | Sometimes required |
| Performance | Good (with HW assist) | Better (less trapping) | Variable |
| Hardware support needed | VT-x / AMD-V | Not mandatory | Minimal |
| Examples | VMware ESXi, KVM | Xen PV, early Hyper-V | Research systems |
| Guest OS compatibility | Any OS | Modified OS only | Limited |
Containers vs VMs (Brief)
Containers (OS-level virtualization) share the host kernel and are therefore faster to start and cheaper in overhead. VMs provide stronger isolation by running a full guest kernel. In practice, modern cloud platforms use both: VMs for isolation between tenants, containers for application packaging within a tenant's environment.