- ποΈ 2002 β Diane Greene's team at VMware demos ESX Server, the first production hypervisor for x86
- πͺ¦ Before ESX: a typical datacenter ran 5-10% CPU utilization because every app needed a dedicated box "to be safe"
- π After ESX: enterprises consolidated 10:1, 20:1, 50:1 β entire physical rooms emptied of servers, costs dropped 70%
- π The pattern made AWS possible: by August 2006, EC2 launched, renting virtual machines by the hour
- π Lesson: Software pretending to be hardware unlocked the entire cloud era
π€ Think: Before virtualization, "deploying QuickNotes" meant buying a server, racking it, and installing Linux. How would your weekend look?
| # | π Outcome |
|---|---|
| 1 | β Distinguish Type 1 vs Type 2 hypervisors with examples |
| 2 | β Explain what a VM image actually is (and isn't) |
| 3 | β Snapshot, restore, clone β the three superpowers a VM gives you |
| 4 | β Compare VM vs container (preview of Lecture 6) |
| 5 | β Spin a Linux VM in VirtualBox and SSH into it |
| 6 | β Use Vagrant to make VM setup reproducible (declarative, in Git) |
graph LR
A["πΎ What is a VM?"] --> B["ποΈ Type 1 vs Type 2"]
B --> C["π οΈ Lifecycle"]
C --> D["π¦ Images & Snapshots"]
D --> E["π Vagrant"]
E --> F["π³ VM vs Container"]
- π Slides 1-7 β VM fundamentals
- π Slides 8-12 β Lifecycle, images, snapshots
- π Slides 13-16 β Vagrant + the QuickNotes VM
- π Slides 17-21 β VM vs container, real story, takeaways
A VM is a software emulation of a complete computer β its own CPU, RAM, disks, NIC β running on top of real hardware.
graph TB
subgraph "Host"
H1["π§ Hardware (CPU, RAM, Disks, NIC)"] --> HV["πͺ Hypervisor"]
HV --> V1["π» VM 1<br/>Ubuntu + QuickNotes"]
HV --> V2["π» VM 2<br/>Windows + IIS"]
HV --> V3["π» VM 3<br/>Alpine + DB"]
end
- πͺ The hypervisor is the magic layer that fools each VM into thinking it has the whole machine
- π The VM has its own kernel β that's the key difference from a container (next lecture)
- β³ Hardware features make this fast: Intel VT-x (2005), AMD-V (2006), nested page tables (2008)
| Type 1 (Bare-metal) | Type 2 (Hosted) | |
|---|---|---|
| Where it sits | Directly on hardware | On top of a host OS |
| Examples | VMware ESXi, Microsoft Hyper-V, KVM (Linux kernel), Xen | VirtualBox, VMware Workstation, Parallels |
| Performance | Closer to bare metal | A few % slower (host OS overhead) |
| Use case | Datacenter / cloud | Developer laptops |
graph LR
subgraph "Type 1"
HW1["Hardware"] --> HV1["Hypervisor (KVM)"]
HV1 --> VM1["VM 1"]
HV1 --> VM2["VM 2"]
end
subgraph "Type 2"
HW2["Hardware"] --> OS2["Host OS"]
OS2 --> HV2["VirtualBox"]
HV2 --> VMa["VM"]
end
- π§ͺ In this lab you'll use VirtualBox (Type 2) β free, cross-platform, perfect for learning
- ποΈ AWS EC2, GCP Compute, every "cloud VM" is KVM (Type 1) behind the scenes
- π₯οΈ 1972 β IBM ships VM/370 on mainframes β virtualization was already old then
- π€ 1999 β VMware founders prove you can virtualize x86 even though the architecture wasn't designed for it (binary translation)
- ποΈ 2005-2006 β Intel VT-x and AMD-V add hardware support β 2-5Γ speedup
- π§ 2007 β KVM merges into the Linux kernel; suddenly every Linux box is a hypervisor
- βοΈ 2006-2008 β AWS launches EC2, S3, RDS β the cloud era is here
- π§ͺ 2013-2015 β Docker and Kubernetes start to eat the VM's lunch (Lecture 6)
π‘ Virtualization didn't replace bare metal β it added an option. Cloud + containers didn't replace VMs β they added more options. Pick the right tool, not the new tool.
stateDiagram-v2
[*] --> Image: download / build
Image --> Created: clone template
Created --> Running: power on (boot)
Running --> Paused: suspend
Paused --> Running: resume
Running --> Stopped: shutdown
Running --> Snapshot: snapshot
Snapshot --> Running: restore
Stopped --> [*]
| State | What it is | Disk footprint |
|---|---|---|
| Image | Cold file on disk (.vdi, .qcow2, .ova) | Base size |
| Created | VM exists in inventory but never booted | Same as image |
| Running | CPU + RAM allocated, OS executing | + RAM size on disk if paged |
| Snapshot | Copy-on-write fork of the disk | Ξ from base |
| Paused | RAM dumped to disk, VM frozen | + RAM file |
| Format | Origin | Compression | Snapshots |
|---|---|---|---|
.vdi |
VirtualBox | β | β |
.qcow2 |
QEMU/KVM | β | β (copy-on-write) |
.vmdk |
VMware | β | β |
.vhd / .vhdx |
Microsoft | β | β |
.ova / .ovf |
Open Virtualization Format | β (tar of VM + metadata) | β |
- π An image is a file. You can copy it, version it, scan it
- π Cloud images (Ubuntu cloud-images, Amazon Linux) are pre-baked with
cloud-initso they boot, accept your SSH key, install your packages, with no manual interaction - π§°
qemu-img convert -f qcow2 -O vdi src.qcow2 dst.vdiβ convert between formats
# VirtualBox CLI
$ VBoxManage snapshot quicknotes-vm take pre-deploy
$ VBoxManage snapshot quicknotes-vm restore pre-deploy
$ VBoxManage snapshot quicknotes-vm delete pre-deploy- βͺ A snapshot freezes the VM's disk + memory state at a moment in time
- πͺ€ Copy-on-write β the snapshot doesn't duplicate the disk; only changed blocks are written
β οΈ Snapshots are not backups β they live on the same disk. A failing disk takes both- π« Don't run a VM on dozens of snapshots β every read traverses the chain. Snapshot, restore, delete
π‘ In Lab 5, you'll snapshot a clean QuickNotes VM, deliberately break it, restore in 30 seconds.
| Mode | What it does | When to use |
|---|---|---|
| NAT | VM gets a private IP, shares host's IP for outbound | Default; just need internet from VM |
| Bridged | VM gets an IP on the same LAN as the host | Other machines on the LAN can reach the VM |
| Host-only | Isolated network between host β VM (no internet) | Lab environments, secret testing |
# VirtualBox: tell the VM to forward host port 8080 β VM port 8080
$ VBoxManage modifyvm quicknotes-vm \
--natpf1 "quicknotes,tcp,127.0.0.1,8080,,8080"- π§ͺ Lab 5 uses NAT with port forwarding so
curl localhost:8080/notesfrom your host reaches QuickNotes inside the VM
Vagrant turns "click through 27 GUI screens" into a single text file in Git:
# Vagrantfile
Vagrant.configure("2") do |config|
config.vm.box = "ubuntu/jammy64"
config.vm.hostname = "quicknotes-vm"
config.vm.network "forwarded_port", guest: 8080, host: 18080
config.vm.provider "virtualbox" do |vb|
vb.memory = 1024
vb.cpus = 2
end
config.vm.provision "shell", inline: <<-SHELL
apt-get update && apt-get install -y curl
SHELL
endvagrant up # build + boot
vagrant ssh # log in
vagrant snapshot save clean-quicknotes
vagrant destroy # nuke it from orbit- π One file = one reproducible VM. Commit it. Diff it. Code-review it
- π§ͺ Lab 5 ships you a
Vagrantfileas plumbing; you'll customize provisioning
For cloud VMs, cloud-init is the universal first-boot configurator:
#cloud-config
hostname: quicknotes
users:
- name: deploy
ssh-authorized-keys: [ssh-ed25519 AAAA...]
sudo: ALL=(ALL) NOPASSWD:ALL
packages:
- curl
- jq
runcmd:
- systemctl enable --now quicknotes
write_files:
- path: /etc/quicknotes/env
content: |
ADDR=:8080- π Supported by AWS, GCP, Azure, OpenStack, DigitalOcean β every cloud
- π§ͺ Lab 10 will use cloud-init to spin a Cloud Run-adjacent test VM
- π The same YAML works in Vagrant too
| Workload | vCPU | RAM | Disk |
|---|---|---|---|
| Idle Linux + sshd | 1 | 256 MB | 1 GB |
| QuickNotes (this course) | 1 | 512 MB | 2 GB |
| Postgres dev DB | 2 | 2 GB | 10 GB |
| Build/CI runner | 4 | 8 GB | 20 GB |
- π Over-provisioning wastes money in the cloud and host RAM on your laptop
- π Under-provisioning triggers OOM kills, swap thrashing, mystery slowness
- π§°
free -h,vmstat 1,iostat 1β measure before you guess - π‘ In Lab 8 (SRE) you'll learn to size based on observed load, not guessed load
| Virtual Machine | Container | |
|---|---|---|
| Has its own kernel? | β Yes | β Shares host kernel |
| Boot time | 30-90 s | 1-3 s |
| Disk size | 1-10 GB | 5-200 MB |
| Strong isolation | β Hardware-level | |
| Lifetime | Days to years | Seconds to days |
| Use it for | Multi-tenant clouds, full OS choice | Microservices, CI jobs, dev environments |
graph LR
subgraph "VM"
HV["Hypervisor"] --> KG["Guest kernel 1"]
HV --> KG2["Guest kernel 2"]
end
subgraph "Containers"
K["Shared host kernel"]
K --> C1["containerd 1"]
K --> C2["containerd 2"]
K --> C3["containerd 3"]
end
- π€ In production, containers usually run inside VMs (cloud-provided isolation + container density)
- π― Next lecture: containers in depth
- π οΈ Task 1 (6 pts):
vagrant upa Ubuntu 24.04 VM, install Go, build QuickNotes inside, expose:8080to the host, hit it withcurlfrom your laptop - πΈ Task 2 (4 pts): Snapshot the clean VM, deliberately break the binary, restore the snapshot, measure recovery time
- π Bonus (2 pts): Compare boot time + RAM footprint of a Vagrant VM vs running QuickNotes in a Docker container (preview of Lab 6)
- π Deliverable:
submissions/lab5.mdwithvagrant uplog, snapshot timestamps, and a one-paragraph reflection
| π₯ Antipattern | β Better |
|---|---|
| GUI-click your way through VM setup, then "remember" what you did | Vagrantfile + cloud-init = version-controlled |
| Run a VM on a chain of 20 snapshots | Use snapshots transiently; delete after restore |
| Allocate 16 vCPU on a 4-core host | Over-provisioning leads to thrashing β cap at host cores |
Skip apt-get update in provisioning ("the image was new last month") |
Build images with Packer; pin versions; refresh weekly |
| Treat VM as a pet ("this is the build server") | Treat VM as cattle β destroyable + rebuildable in one command |
- ποΈ April 7, 2014 β Heartbleed (CVE-2014-0160) disclosed: any TLS-using OpenSSL server can be remotely memory-dumped
- 𧨠~17% of the public internet's HTTPS servers were vulnerable
- π At cloud scale, this meant rebuilding tens of thousands of VM images from base + new OpenSSL + redeploying
- π οΈ Companies with proper image-pipelines (Packer + version-controlled cloud-init) shipped patches in hours. Companies that hand-built VMs took weeks
- π Lesson: If you can't rebuild a VM from a text file, you can't respond to a CVE at speed
π¬ "Treat your servers like cattle, not pets." β Bill Baker (Microsoft, 2012) β and Heartbleed was the moment that became survival, not philosophy
- πΎ A VM is software pretending to be hardware β its own kernel, its own networking, its own everything
- ποΈ Type 1 = bare-metal hypervisor (datacenter), Type 2 = hosted (laptop) β same idea, different host
- πΈ Snapshots are time machines, not backups β same disk, same failure domain
- π Vagrant + cloud-init make VMs declarative β commit the file, not the clicks
- π³ VMs and containers are complementary, not competitive β containers run inside VMs in production
- π Treat servers like cattle β when you can rebuild from text, you can survive Heartbleed-class events
- π Next lecture: Containers β same OS, lighter isolation, faster everything
- π§ͺ Lab 5: Vagrant + VirtualBox + QuickNotes; snapshot lifecycle; resource comparison
- π Read this week:
- π Modern Operating Systems β Andrew Tanenbaum β Chapter 7 (Virtualization)
- π VMware Workstation paper (1999) β how they made x86 virtualization work
- π Vagrant docs β start with "Getting Started"
- π Cloudflare on Heartbleed (2014) β real-time analysis of the attack
- π οΈ Tools to install this week: VirtualBox 7.1.x, Vagrant 2.4.x
graph LR
P["π» Week 4<br/>OS + Networking"] --> Y["π You Are Here<br/>Virtualization"]
Y --> N["π³ Week 6<br/>Containers"]
N --> M["π§ Week 7<br/>Config Mgmt (Ansible)"]
π― Remember: Virtualization was the abstraction that made everything else β clouds, containers, immutable infrastructure β possible. The pattern (run N tenants on shared hardware via a thin abstraction layer) keeps repeating.