 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
There’s a new virtual machine monitor (VMM) in town: OpenVMM. This new open source, cross-platform, modular VMM represents a step forward in Microsoft’s commitment to open source technologies and secure, efficient virtualization solutions.
Of course, there are many VMMs. Hyper-V, QEMU, and VirtualBox all quickly come to mind. What’s different about OpenVMM is that it’s written in Rust. That’s important because, as Joe Stocker, CEO of Patriot Consulting, a Microsoft security company, wrote on Twitter, “Rust is more secure than C or C++ because its ownership model and borrow checker enforce strict compile-time memory safety and concurrency guarantees, preventing common vulnerabilities like null pointer dereferencing, buffer overflows, and data races.”
OpenVMM is designed to operate on various operating systems, showcasing Microsoft’s dedication to cross-platform compatibility. The project, available on GitHub under the MIT license, supports a wide range of architectures and virtualization APIs, making it a versatile and powerful tool for developers and system administrators alike.
Primarily developed as a component of OpenHCL, Microsoft’s new open source paravisor for confidential computing VM. OpenVMM enables hardware-backed confidential VMs and supports existing operating systems without modifications. It can also manage conventional VMs.
Specifically, for OpenHCL, OpenVMM supports virtual operating system guests with assigned devices and provides device translation support. Additionally, it allows users to share confidential and non-confidential architecture and guests. In both cases, the VMM provides the same services tailored to each requirements. This, according to Microsoft’s Caroline Perez-Vargas in a blog post, “avoids fragmented virtualization solutions among confidential and non-confidential VMs, moving towards closing the feature gaps of confidential VMs.”
However, it’s important to note that OpenVMM is still in its early stages. Microsoft has been transparent about the project’s current limitations, stating that it’s not yet ready for production use. The company describes it as “more akin to a development platform for implementing new OpenVMM features, rather than a ready-to-deploy application.”
Specifically, “not a lot of “polish” has gone into making the experience of running OpenVMM in traditional host contexts, particularly “pleasant. This lack of polish manifests in several ways, including but not limited to:
In short, you can use OpenVMM without too much pain in Azure and in partnership with OpenHCL. For any other uses, though, you’ll be pretty much on your own.
That said, OpenVMM could become a significant player in the virtualization ecosystem. But make no mistake about it: we’re in the very early days of making OpenVMM a generally useful hypervisor. For the specific use case of running both confidential and run-of-the-mill VM workloads, OpenVMM demands your attention.
