Hypervising

I was browsing a bit today, navigating and reviewing old material relevant. One of those rabbit holes that the more I explore the more I want to make sure my mental model is correct. This time around I was looking at hypervisors. I like the name but I never felt like it communicates well what they do, but again naming is hard so let's move on.

Hypervisors are just software. They manage a host resources so that they can be used more efficiently.

If you grab any computer and think of it as a combination of CPU, RAM, Network, and Storage it is intuitive to think that, as the only user, you can utilize all of these resources to set up a simple server. You probably won't use ALL of them but you still paid for them. That's a shame and you decide that you don't want to waste them.

In your generous spirit you allow your friends to run their servers on your computer. This is great! But when it comes to resource utilization (e.g. RAM) it's the wild west. Any server application can use any amount of RAM or CPU. That's not great. A hypervisor helps mitigating that. It is a software that partitions these resources. Intuitively this can simply mean that now your CPU is divided into 4, the RAM is divided into 4 and so on. Your system is organized in a way that can allow running 4 servers with each having the same exact amount of resources available, evenly distributed.

Here's the thing though, each server now has dedicated resources but they are not "real". A piece of software (the hypervisor) is making it look like that's all it's available to that server, which is why we call it "virtual".

Each sever then, since it's now using virtual RAM, virtual CPU and virtual Network is called a Virtual Server. But this is not just about splitting resources, it's about isolating each virtual server so they don't interfere with each other. If you remember my thought from yesterday about processes, I highlighted the importance of preventing any process from accessing data of another process. Here we worry about the same issue, we want to make sure that each Virtual Server can only access its own data and nothing else. The Hypervisor helps with that so you don't have to.

Thoughts

I remember a long time ago when I thought certain fundamental components of any "modern" system were a black box. I then realized they are just a piece of software, like a database or a hypervisor. It's just code. Surely some are much harder to write than others, but they are just lines of code. The idea of a hypervisor is pretty fascinating and not particularly recent, they are now many decades old. The silly scenario from my thought summarizes it well although the reason behind utilizing resources more efficiently was related to cost rather than generosity (which is absolutely fair). The concept of hypervisors has stayed relevant with the advent of cloud computing. You gotta use those machines well but also you wanna do it in a secure way. When exploring isolation, knowing at which level it happens gives you a better understanding of the surface area you're exposing. The bigger it is the higher the risk.