KVM

An open-source virtualization technology for Linux that turns the kernel into a type-1 hypervisor.

KVM (Kernel-based Virtual Machine) is an open-source virtualization technology built into Linux. It allows the kernel to function as a type-1 hypervisor. KVM requires an x86 processor with hardware virtualization features, specifically the Intel VT-x or AMD-V extensions, to execute guest instructions directly on the host CPU.

The architecture reuses existing Linux kernel subsystems for resource management, including the process scheduler, the network stack, and the memory management unit (MMU). Each virtual machine is a standard Linux process, which allows system administrators to use standard tools like top, kill, or cgroups to manage VM resources and priorities.

How it works

  • Hardware Access: KVM provides the /dev/kvm interface, which user-space tools like QEMU use to set up the guest's address space and provide emulated devices.
  • Optimization: Through virtio, a paravirtualization framework, KVM reduces the overhead of I/O operations by allowing the guest OS to cooperate with the hypervisor.
  • Security: It uses SELinux and sVirt to provide mandatory access control (MAC) and to isolate virtual machines from the host and from each other.

KVM is the industry standard for Linux-based cloud infrastructures, powering major providers like Google Cloud and AWS. In production environments, KVM-based instances typically maintain over 95% of native CPU performance, making it suitable for compute-intensive workloads.