Different Types of Virtualization 

I run all my software within my turning complete Minecraft Redstone computer. it is always safe to do so, not many viruses have gotten through my actual system yet.

I like how he just gets straight to the point

Mental Outlaw, the man carrying me through my cybersecurity degree.

Perfect timing with the Windows 11 leak

the matrix is the only kind of virtualization

For those still not clear on the container-based virtualization (CBV) and hypervisor-based virtualization (HBV). CBV like Docker virtualize the OS. It captures system/kernel calls, like opening file handles, making network sockets, making new threads etc. and translates these system calls to the native host's system calls. There is no separate guest OS running for the guest application. The application runs directly on the host OS, but it can't access other files and folders because it is namespace-isolated. The "/" directory for the guest application might be "/home/username/appname/" for you. HBV like VirtualBox, QEMU, VMware and more virtualize the hardware instead of the OS. So you do in fact run a guest OS on top of your host OS. System calls are not translated for the guest app, it talks directly to the guest OS. It is when the guest OS tries to fulfil the system call by talking to hardware, is when the hypervisor comes into play. When the guest OS for example wants to read sector X of your HDD, it translates that to what location in the actual, physical HDD it belongs to, and then the corresponding file is requested by the hypervisor from the host OS (for type-2, in type-1 the hypervisor is also the host OS so it simply reads the corresponding sector itself), gets the file, read the right location, and return it back to the guest OS, which returns it to the guest app. You can see why this might be slow. (CBV and HBV are not actual abbreviations, I just made them up for my own convenience.)

During my school days virtualization was so annoying. Making whole VM network was a pain.. but I'm time I start to see pros and cons of it. Nowadays I can't live without for example proxmox. This tech became so convinient ...

One thing that I noticed is that VirtualBox works pretty good inside Windows even in a low end machine, but on Linux for whatever reason it's incredible slow, at least for me. Then I tried Qemu + KVM and boom, loading and installation times got really fast. Unfortunately the graphics virtualization just sucks unless you do a PCI passthrought. But honestly on Linux the best virtualization experience is going to be with Qemu with virt-manager.

An episode on Qubes would be really cool

I feel like that 10 minute explanation was exactly what I needed I got so much information it was unreal. I was looking at type one hypervisors and wanted to know a little more about them.. Yeah this put a lot of information into perspective and I highly recommend this video for learning more about virtualization.

Thank you for the many videos lately. Really enjoying these.

So, I feel the need to be pedantic. VirtualBox's BIOS is GPLv2, and easily visible in the source tree, in src/VBox/Devices/PC/BIOS (for BIOS) or src/VBox/Devices/EFI/Firmware (for EFI).

This channel is a gem

kvm is actually for type-1 virtual machines. Installing it effectively turns the "host" operating system into a type-1 hypervisor, since all hypervisors do need basic OS features. The difference is that you still have complete access to the underlying components since they are just a linux OS, so you can trat it as if it is a type-2 virtualizer if you want to.

Muta: **zips pants**

containers are not related to virtualization at all, they are native applications running natively on the host hardware, even using the same kernel, they are just as separated from all the other components of the system (security-wise) as possible. they can have similar limits (like RAM, CPU, etc.), and serve similar purposes like virtualization, but they are not the same kind. not at all.

Hypervisers Type 1 0:00 Xen & Qubes OS 2:00 Type1 vs 2 vs 1.5 3:43 Type 2 4:50 Docker 7:23

PCI-e passthrough is a pain to deal with sometimes, but whenever it works it's amazing. I tried to pass a quad gigabit nic from Proxmox to a VM, but the card was on the same IOMMU group as the internal NIC so it passed in both and I lost access to the Proxmox web gui, later I found out that it's impossible to seperate them because of the electrical wiring on the motherboard itself. Fun times.

Thank you for this. I wasn't sure exactly what all the hype around containers like Docker or Kubernetes was...

Hey thanks for making a vid on Qubes OS; I've been wanting a straight forward explanation about it.

I was just wondering about this! Watched a video that touched on KVM less than an hour ago.

i like your comment about security through obscurity!

You got me into virtualizing windows

thanks for the explanation, cheers!

Bit of a clarification: As far as the type 1 hypervisor for VMware goes, that'd be ESXI. Vsphere is the configuration manager.

Thanks a lot, learned a lot!

gpu passthrough with qemu-kvm is the best thing ever

VMs are great for compartmentalisation. I should’ve gotten into them sooner

Different style video but I liked it a lot :)

This might be helpful for the SEC+ cert I'm currently studying for thanks!

Aw yes I'm hooked

Good video. You can also usb passthrough to qemu ;)

Thank you for this video, Now I can do pci express pass through for free, Something that should come with and be expected in virtual machines.

Great vid, but I wish you would've talked more about Xen and KVM.

very nice

Thanks 🙏

Can you do QEMU tutorial? All the ones I'm finding are bad and the documentation is not beginner friendly.

Next video lets talk about containers please!

Finally... A straightforward, no BS overview focused on the most used choices within virtualization/containerization, their practical application, and comparisons of how each relates to another. Great video and even better demonstration of knowledge related to these technologies. I don't understand why there isn't other content like this among other reputable content creators. It seems like most other videos are more geared towards a singular view or comparison. 👍

How about Proxmox as a bare metal hypervisor? It's free and opensource and really nice to use.

1. cpu demand can be quite high due to anti cheats and drm especially denuvo. 2. if you are not playing online anti cheat should not be a problem. 3. i think a simple supervisor/warden like system could be built into the vm that reserves a few cpu cycles to detecting if the vm is not responding and reboot it. it would be like the mac books have where they will reboot if they freeze

Nice, now why not a few videos on installation and use of Dockers, QEMU and virt-manger?

Qemu and vmware workstation would be hybrids, because they can both operate as Type 1 or Type 2 depending on if they are using host accel, IE. Kvm/WHPX. Also anticheats are starting to block VM gaming

Docker is cool but I do really recommend also LXD/LXC Linux containers + WEB manager LXDUI.

I swear you know exactly what I am working on..

i remember qemu being part of using swift on arm originally

Ey bro I love the content. This video came out a week after I bought myself my server.

Good video I don't quite understand the difference between type 1 and type 2 tho. Like what exactly does type 1 do to run on the hardware and get better performance?

Check containerd it is basically replacing docker to be the standard

yesssss

It's worth mentioning that with PCIe passthrough, you don't generally need to buy a second graphics card if your CPU has integrated graphics.

VMs are pretty good for gaming, but I've had trouble running some games on them. They're good, but not perfect.

We need something like SR-IOV support for the consumer GPUs, then we would be able to run everything virtualized with full hardware acceleration without any container or VM being able to access anything which doesn’t belong to it, would be much more secure and great for Linux gaming, cause no GPUs are available, and currently we need at least two to run a Windows VM for Gaming, which is ridiculous. Basically one idling all the time, the other working. While nobody gets a single GPU. Nvidias 3000 lineup support SR-IOV via hardware, but that’s it, they wait for AMD or whomever to enable it first to magically get that feature either if needed to be more competitive. We need to demonstrate against that shit, that feature is really important and should be enabled for everyone. Currently only super expensive pro cards for 10 grand or whatever and or with monthly multiple grand subscription fees you get that feature eventually. AMD had one card a few years ago a FirePro or whatever forgot the name, super expensive card worse than consumer cards, but without subscription. Level1Tech does good videos about it. Cards without sth. similar to SR-IOV should be illegal. Imagine your CPU not being able to run virtual machines.

I was just going to create a virtual machine, thank you!

Have you heard about Jails in FreeBSD. I know you don’t talk about the BSDs but it’s one of the oldest virtualization system that has very little overhead.

One of the things I like to do with VMs is a 1 pc 4 people set up. Which basically 4 people sharing one pc. Each one have their own VM windows. Problem with this setup is that you need a beefy PC, luckily my work station pc has a threadripper 3990x, 64gb ram and 2060 super + radeon 7 so this is doable for me...

Where does the standart Windows sandbox stands? From description it is container based. Is it any good compared to alternatives?

I really wish nvidia would enable sr-iov on their consumer cards. Would love to run linux host and windows gaming vm on kvm on one card

IBM POWER/pSeries systems have a hypervisor at the firmware level. Moreover, most setups use multiple Virtual I/O Servers that run as LPARs (VMs). Quite a bit different than the type 1 hypervisors you see on Intel/AMD platforms.

"You're typically not gonna see a type 1 especially at a home desktop" Uh, the very prolific WSL2 for consumer windows would like a word.. If you [somehow] haven't heard of it, it's like Qubes except your interface in your regular windows install, and you can just run any native linux code through the windows ui on the linux sibling hyperv kernel/s Not for security, but ease of use and is pretty stellar. P9-facilitated, seamless, two-way filesystem mounts, cli interactivity, and graphics & raw disk passthroughs. But only for linux and no real control over other block devices for the linux kernel (but it *is* a real kernel and ive compiled my own to get wireguard working and it operates very close to metal).

Yes qubes is awesome and easy

Ive been wondering why you dont use QEMU/KVM with virt-manager, can you tell me why that is?

are there any VMs out there that literally simulate a CPU? that would be super slow but I imagine it could be the most secure vm possible

Thank you for uploading this, I'm literally getting windows 11 ready for testing. I will definitely try these sometime.

For someone who doesn't know computers, how long (estimate) would it take to learn Linux?

YES! HE SAID DOCKER!

Even if you have a CPU older than a decade and that doesn't support virtualization, you can still run virtual machines.

I tried xcp-ng, but the boot from USB install media ends with reboot without any message. Safe mode is way too slow, like screen scrolling messages up during boot takes 1 sec to scroll 1 line up to free space for the next message and I did not have the patience to wait more than 20 minutes and safe mode was still booting. I now use small Arch installation with kvm, libvirt and qemu. It is a lot of fun and frustration at the same time. I managed to successfully passthrough my Nvidia card. That took couple of days.

No outtakes? :)

Macs have integrated and dedicated graphics, could qemu work for gaming?

Aight then.

Is using VM on Windows good for privacy ? As in can Windows see everything I do on the VM?

Isn't Windows also a type 1 hypervisor? I remember reading somewhere that it is

I understand, Type-1 (Bare-Metal) : Hypervisors like Qubes-Os, Type-2 (Hosted) : VirtualBox w/proprietary BIOS, QEMU (free PCIe passthru) Docker Container But what is meant by KVM hypervisor available only on Linux? Windows only has Hyper-V? Where does WSL2 fit in?

Qubes: the best OS for coomers

Based

you didn't mention the main advantage of containers which is that you can share containers and they can run everywhere..

No mention of Proxmox? Shame! Proxmox is pretty cool to run VMs in if you have a spare desktop that you can load up with a ton of RAM.

I've used VirtualBox and Vagrant to match my development environment to that of my Digital Ocean instance when web developing. But haven't used VM for anything else. What am I missing? Anything fun.

Cover mixnets nym is the biggest

AFAIK Docker is not designed with security in mind and it appears to be afterthought. Any evidence to contrary?

If you don’t use a Kubernetes Cluster to play video games are you really playing video games?

What about LXD?? Or CHROOT?? (The latter is not a VM)

Make a tutorial about docker. tried it but got too booring to use it

So how secure is Docker? Since it's layer 3. Not that secure, huh?

I'm watching a mental outlaw video and get a notification for a new mental outlaw video. What s nice way to unwind from trying to get xorg working on ancient hardware and things NOT WORKING!

The Problem about the docker is not virtualization is the definition of virtualization. Containers or jails as they were called in the old days are a completly different way of doing things then the classical i will run a Computer in a computer. It's more like I run an OS inside an OS or arguably i run a Userspace inside a Userspace. With that point of view of virtualization one could argue, that a real bare metal hypervisor is just 2 Computers running on the same Hardware and not virtualization. And the only true virtualization is Type two Hypervisors.

If you are running Windows or MacOS in the host computer, you will still spin up a VM to run Docker. Docker requires Linux, and the trick to get it running on other OSes is to launch a VM with Linux, just the way Windows runs WSL or ChromeOS runs its Linux instance. So, Docker is only convenient in a fundamental way to Linux users. Also, you can't run nothing but Linux inside a Docker container.

Many hosters (Netcup for example) use KVM for virtualisation

Where would something like WSL fall into?

unikernels when

Does wine count?

Notif gang

Q: who you see Openstack in this Area, i saw this often as alternative to VMware, whats your exp on it

Next week: Bochs emulator

7:07 like what??

I found VirtManager more usefull than VirtualBox

Do video on TPM. Schizophrenia hitting hard.

If we manage to get virgil windows drivers, there will be no need to do gpu passthrough

Will you do a video on the windows 11 leak?