A Secure and High-Performance Virtual Machine Monitor
Cloud Hypervisor is an open-source Virtual Machine Monitor (VMM) designed to run cloud workloads efficiently on top of KVM (Kernel-based Virtual Machine) and Microsoft Hypervisor (MSHV). Developed in Rust, this project prioritizes security, high performance, and a minimal footprint while maintaining compatibility with modern architectures.
Key Features and Objectives
Cloud Hypervisor offers a set of advanced virtualization capabilities, making it an optimal choice for cloud service providers. Among its core objectives are:
- Minimal emulation: Reducing complexity to enhance security and performance.
- Low latency & low memory footprint: Optimized for high-speed workloads.
- Small attack surface: Written in Rust, whose memory safety reduces memory-corruption vulnerabilities.
- 64-bit support only: Exclusively supporting modern architectures.
- Hotplug support: Allowing dynamic CPU, memory, and PCI device expansion.
- Machine-to-machine migration: Ensuring seamless VM transitions.
Supported Architectures and Guest Operating Systems
Cloud Hypervisor is compatible with x86-64 and AArch64 architectures, with minor functional differences. The VMM supports 64-bit Linux, Windows 10, and Windows Server 2019 as guest operating systems.
Getting Started with Cloud Hypervisor
Host System Requirements
To run Cloud Hypervisor on KVM, the host system needs Linux kernel 5.13 or later. Pre-built binaries are available for x86-64 and AArch64 platforms.
Alternatively, Cloud Hypervisor can be built from source, which requires the Rust toolchain and its dependencies to be set up before compilation.
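A preflight check for the host requirements above, added here as an example and not taken from the Cloud Hypervisor project. The function names are hypothetical, and the check assumes KVM is exposed through the standard /dev/kvm device node.

```shell
#!/bin/sh
# Preflight check for a KVM host before launching cloud-hypervisor.
# Thresholds come from the text above: Linux 5.13+, x86-64 or AArch64.

# kernel_ok RELEASE: succeed if RELEASE (e.g. "5.15.0-91-generic") is >= 5.13.
kernel_ok() {
    ver=${1%%[!0-9.]*}                 # drop suffixes such as "-91-generic"
    case "$ver" in
        [0-9]*.[0-9]*) ;;              # require at least major.minor
        *) return 1 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case "$minor" in ''|*[!0-9]*) return 1 ;; esac
    [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -ge 13 ]; }
}

# arch_ok MACHINE: succeed for the two supported `uname -m` values.
arch_ok() {
    case "$1" in
        x86_64|aarch64) return 0 ;;
        *) return 1 ;;
    esac
}

# kvm_ok DEV: succeed if DEV is a character device this user can open read/write.
kvm_ok() {
    [ -c "$1" ] && [ -r "$1" ] && [ -w "$1" ]
}

# preflight RELEASE MACHINE DEV: print one line per failed check,
# succeed only when every check passes.
preflight() {
    fails=0
    kernel_ok "$1" || { echo "FAIL kernel $1: need 5.13 or later"; fails=$((fails + 1)); }
    arch_ok "$2"   || { echo "FAIL arch $2: need x86_64 or aarch64"; fails=$((fails + 1)); }
    kvm_ok "$3"    || { echo "FAIL $3: missing or not read/write for this user"; fails=$((fails + 1)); }
    [ "$fails" -eq 0 ]
}

# Report on the current host; this only prints and never aborts a caller.
if preflight "$(uname -r)" "$(uname -m)" /dev/kvm; then
    echo "host ready"
else
    echo "host not ready"
fi
```

A failure on /dev/kvm usually means the KVM module is not loaded or the user running the VMM lacks permission on the device, so the VMM can run unprivileged once that access is granted.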
Booting Linux with Cloud Hypervisor
Cloud Hypervisor supports both direct kernel boot and firmware-based boot. Users can utilize Rust Hypervisor Firmware or an edk2 UEFI firmware for loading guest systems.
Example of booting a Linux guest VM:
$ wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
$ qemu-img convert -p -f qcow2 -O raw focal-server-cloudimg-amd64.img focal-server-cloudimg-amd64.raw
$ wget https://github.com/cloud-hypervisor/rust-hypervisor-firmware/releases/download/0.4.2/hypervisor-fw
$ ./cloud-hypervisor \
    --kernel ./hypervisor-fw \
    --disk path=focal-server-cloudimg-amd64.raw \
    --cpus boot=4 \
    --memory size=1024M \
    --net "tap=,mac=,ip=,mask="
Cloud Hypervisor also supports custom kernels and disk images, providing flexibility for users who need tailored configurations.
Cloud Hypervisor Status and Roadmap
Current Features
Cloud Hypervisor is under active development and supports:
- Hotplug for CPUs, PCI devices, and memory resizing.
- Virtio-based paravirtualized devices, including networking, block storage, and vsock.
- Live migration capabilities over TCP connections.
- Snapshot and restore functionalities (in progress).
Performance Enhancements
Recent updates have introduced notable improvements:
- Virtio-block optimizations, significantly enhancing throughput.
- Reduced CPU contention, minimizing performance bottlenecks.
- Expanded support for VFIO devices across different architectures.
How Cloud Hypervisor Differs from Firecracker and Crosvm
While Cloud Hypervisor shares some similarities with Firecracker (Amazon) and Crosvm (Google), its primary focus is on general-purpose cloud workloads, rather than strictly container-based or serverless computing.
Comparison Highlights
- Cloud Hypervisor: General-purpose cloud VMM, with comprehensive virtualization features.
- Firecracker: Focused on lightweight microVMs for serverless and containers.
- Crosvm: Optimized for Chrome OS and lightweight Linux VMs.
Cloud Hypervisor leverages components from the Rust VMM project, sharing common virtualization modules to ensure security and efficiency.
Community and Contribution
The Cloud Hypervisor project welcomes contributions from developers worldwide. There are several ways to participate:
- Contribute code, bug reports, and documentation.
- Join discussions on Slack and mailing lists.
- Report security issues directly to the maintainers.
For more details, visit the official Cloud Hypervisor GitHub repository.
Final Thoughts
Cloud Hypervisor represents a modern, secure, and performance-driven approach to virtual machine management in cloud environments. By prioritizing efficiency, security, and compatibility, it is well-positioned to become a leading solution for cloud providers looking to optimize their virtualization infrastructure.