“Para“ is an English affix of Greek origin that means "beside," "with," or "alongside.” Paravirtualization is another approach to server virtualization where, rather than emulate a complete hardware environment, paravirtualization acts as a thin layer, which ensures that all of the guest operating systems share the system resources and work well together.
Under paravirtualization, the kernel of the guest operating system is modified specifically to run on the hypervisor. This typically involves replacing any privileged operations that will only run in ring 0 of the CPU, with calls to the hypervisor (known as hypercalls). The hypervisor in turn performs the task on behalf of the guest kernel and also provides hypercall interfaces for other critical kernel operations such as memory management, interrupt handling and time keeping.
Paravirtualization tries to fix the full virtualization problems by allowing the guest operating systems to gain direct access to the underlying hardware, thus it refers to communication between the guest OS and the hypervisor to improve performance and efficiency. Since it involves modifications to the OS, paravirtualization is also sometimes referred to as OS-Assisted Virtualization.
Paravirtualization, where the guest OS "knows" it is being virtualized, is different from full virtualization, where the unmodified OS does not know it is virtualized and sensitive OS calls are trapped and translated using binary translation.
There are two advantages to this approach:
- The ability of the guest kernel to communicate directly with the hypervisor results in greater performance levels. Total virtualization, you’ll recall, inserts an entire hardware emulation layer between the guest operating system and the physical hardware. By contrast, paravirtualization’s thin software layer acts more like an air traffic controller for virtualized servers, allowing one guest OS access to the physical resources of the hardware while stopping all other guest OSs from accessing the same resources at the same time. This method is generally much more efficient than traditional hardware emulation virtualization The value proposition of paravirtualization is in lower virtualization overhead, but the performance advantage over full virtualization can vary greatly depending on the workload;
- The second advantage of the paravirtualization approach compared to full virtualization is that paravirtualization does not limit you to the device drivers contained in the virtualization software; in fact, paravirtualization does not include any device drivers at all. Instead, it uses the device drivers contained in one of the guest operating systems, referred to as the privileged guest. Without going into too much detail about this architecture here, suffice to say that this is a benefit, since it enables organizations to take advantage of all the capabilities of the hardware in the server, rather than being limited to hardware for which drivers are available in the virtualization software as in total virtualization.
- Paravirtualization requires the guest operating systems to be modified in order to interact with the paravirtualization interfaces. This typically limits support to open source operating systems such as Linux, which may be freely altered and proprietary operating systems where the owners have agreed to make the necessary code modifications to target a specific hypervisor. As paravirtualization cannot support unmodified operating systems (e.g. the Windows family), its compatibility and portability are poor;
- Paravirtualization can also introduce significant support and maintainability issues in production environments as it requires deep OS kernel modifications.
The open source Xen project is an example of paravirtualization that virtualizes the processor and memory using a modified Linux kernel and virtualizes the I/O using custom guest OS device drivers.
Conclusion: Paravirtualization is not ‘Full Virtualization’ since it involves modifications to the Guest OS. Therefore, while it does bring about a significant improvement in terms of virtualization overhead, it has its limitations when it comes to compatibility and portability. However, recent developments have allowed Xen to run unmodified OSes using hardware assistance techniques. I’ll go into that in a future article.