The Cloud Hypervisor
ZeroVM is the first hypervisor designed specifically for the cloud. It is open-source and free to use.
Main Article: Why ZeroVM
The current architecture of the cloud is fundamentally broken, because it relies on hypervisors that were designed for a world that doesn't exist any more. That world was one where servers lived in-house and heavy client-server applications ruled the enterprise.
So, we built ZeroVM.
ZeroVM is an open-source lightweight virtualization platform, based on the Google Native Client project. It offers three major benefits:
- Speed: The fastest virtual servers in the market today take at least 2 minutes to create. ZeroVM takes less than 5 milliseconds, or about 1/20000th of that time. This huge speedup makes it possible to separate every single task into its own container.
- Isolation: ZeroVM is the first hypervisor to isolate each individual user of an application. Old-fashioned hypervisors require sharing of one virtual server between multiple users, making app development much harder.
- Efficiency: ZeroVM only virtualizes the server parts that do the actual work. Existing clouds are giant server farms that are spending precious resources virtualizing unneeded things.
ZeroVM Features & Differences
ZeroVM is differentiated from traditional virtualization by the following:
- C & UNIX process abstraction: Instead of presenting a hardware abstraction to the developer, ZeroVM presents UNIX style processes, which of course communicate through pipes (unlike KVM / XEN / VMWare).
- Disposable VM per request: In ZeroVM, each instance is not reused between requests. A new clean VM is created for every incoming request.
- Easily Embeddable: ZeroVM is a hypervisor with an executable size of ~75KB. It is easily embedded into existing storage systems enabling local processing.
- Highly Performant: ZeroVM adds negligible overhead for CPU, memory and IO. This makes it great for number-crunching applications, whereas significant IO overhead still exists with KVM / XEN / VMWare.
- Fully leverages underlying hardware: Supports vectorization and manual optimization of inner loops (unlike JVM).
- Truly secure isolation: ZeroVM has no need for additional inner sandboxes (unlike LXC/OpenVZ) or outer sandbox (unlike JVM). ZeroVM derives its security from the proven Chrome NaCl.
- Deterministic: Unlike other hypervisors, ZeroVM is deterministic, and hence offers true portability, productive development, automatic failover and transparent VM migration.
- Transactional: ACID transactionality on VM level, which is unique to ZeroVM.
- Network-neutral: Pipes can be backed, transparently, by any transport: inproc, IPC, RDMA, InfiniBand, TCP/IP, etc. This is unique to ZeroVM.
- Easily Clusterable: No network virtualization is needed. Cluster routing is also deterministic, automatically recoverable and transparently movable. This is not available in other platforms like KVM, XEN or VMWare.
- Host-OS neutral: ZeroVM decouples the VM abstraction from the host OS abstraction, so it can run on many unmodified OSes as an ordinary application. ZeroVM doesn't expose host syscalls, but rather re-implements them as a part of the untrusted component of ZeroVM. This is unlike Chroot/LXC/OpenVZ.
- Language-neutral: C/C++/Assembly are supported, and hence anything else is too. For example, Python, Ruby, PHP and Perl can all be executed in ZeroVM with their native interpreter compiled to the ZeroVM ISA.
- Portable: We are working on a portable version, in which LLVM bitcode will be dynamically compiled inside a VM to either ARM or Intel. Meanwhile the developer is required to re-compile (just like with any other C/C++ app) (unlike everything but JVM). Please note that dynamic languages work as-is when using their native interpreter.
- Hyper-elastic: ZeroVM makes it practical to spawn virtual clusters for both long and short duration. For example 1000 ZeroVMs can be provisioned for just 10 seconds each across an entire cluster.
- Uniform: All VMs have a completely identical execution environment every time they are instantiated: identical instruction set, identical amount of memory, identical IO, etc. Hence any ZeroVM executable binary runs on any ZeroVM host, always, and each takes exactly the same path due to determinism.
- Nestable: ZeroVM can be nested with non-accumulating overhead and reliably models hierarchical trust domains like IaaS<PaaS<SaaS<Extensions.
- Aggregatable: ZeroVM can aggregate many physical servers and represent them as a single virtual system. Moreover, ZeroVM can represent any number of virtual systems backed by any number of physical servers. This is unlike everything but ScaleMP and Ravello.