The open source hypervisor KVM (Kernel-based Virtual Machine) is gaining ground in the enterprise. KVM adoption echoes the early days of Linux since organizations, by now familiar with server virtualization, are evaluating not only hypervisors from the current market leaders but also open source approaches. According to data from IDC, KVM is growing at 150% year over year in terms of unit shipments, with over 100,000 servers already using it worldwide for virtualization.(1)
Expanded use of KVM is also occurring as part of a broader trend in which organizations are opting to deploy more than one hypervisor in their data centers. Termed “hyperversity” by Gabriel Consulting Group, organizations are avoiding standardization on a single hypervisor, and are increasingly willing to select the right tool at the right price.
A strong area for KVM is among organizations that already have Linux servers deployed in their data centers, and who are looking to consolidate workloads or build a flexible infrastructure. The reasons for KVM’s early adoption among current Linux users are varied, but can be distilled down to three main considerations – cost, security, and simplicity.
Since 2007, when KVM was first distributed as a core part of the Linux kernel, it has been considered a mainstream feature of Linux by enterprise users. Today, KVM is shipped with the major enterprise Linux distributors, including Red Hat, SUSE, and Canonical. This enables Linux shops to reduce the cost of ownership of virtualization, since they do not have to purchase a separate hypervisor. KVM can also support high server utilization, resulting in greater asset utilization, which in turn also results in cost efficiency.
Security is a concern for all organizations and KVM has distinct strengths in this area. SELinux (Security Enhanced Linux) enables Mandatory Access Control which delivers advanced, need-to-know security. Explicit permission is required for access to specific data and functions, rather than permissions being role-based. In addition, EAL4+ certification means that KVM is ready for adoption by governments and other organizations where security certification is required. This isolation is critical, for example, if a malicious program is trying to break out of its own virtual machine to access the host or another virtual machine. With the combination of both SELinux and its EAL4+ certification, KVM provides strong enterprise-level security.
- Out of the box integration: Since KVM comes with Linux distributions, it is pre-integrated and pre-tested so Linux customers do not have to implement a separate hypervisor on their own.
- Linux Skills: For organizations that are already deploying Linux in their data center, KVM will be familiar. The KVM tool chain is integrated with the Linux tool chain and many of the commands that one would use to manage the lifetime of a virtual machine are the same commands that would be used to manage processes in a Linux server. This means organizations can rely on one set of skills.
- KVM Support for Windows Guests: Despite the misconception that it can only run Linux guests, KVM is in fact a first-class hypervisor for Windows guests as well. In fact, KVM was created originally to support virtualized Windows desktops. The ability to run both Linux and Windows workloads supports enterprise flexibility.
Proven KVM Success
In the six years since it became a core part of Linux, KVM has had time to earn users’ trust. When a technology is new it tends to be mistrusted, but greater acceptance is building now as more enterprise use cases for KVM are documented and shared.
Jean Staten Healy - Director, Wordwide Linux and Open Virtualization, IBM