At a high level, operating system virtualization is used to multiplex several virtual machines onto a single physical machine. The virtual machines run operating systems; the physical machine can run operating systems. So what is the difference between a virtual machine and the physical machine?

Hardware is the most obvious difference. On a physical machine, the operating system has direct control of all attached hardware: network cards, hard drives, the graphics card, the mouse and keyboard. However, the virtual machines cannot have direct access to this hardware, or else they will undermine the isolation between each virtual machine. For example, a virtual machine (or VM) might not want other VMs to see what it stores in its secondary storage, or to read its network packets. Moreover, it would be difficult to ensure fair use in this scheme. You could have one device of each type for each virtual machine, but this would negate the cost and power savings of virtualization. The solution is to give each virtual machine a set of virtual hardware, which provides the same functionality as real hardware, but which is then multiplexed on the physical devices.

A more subtle difference arises when an operating system runs in a virtual machine. Traditionally, the operating system kernel is the most privileged software running on a computer, which allows it to execute certain instructions that user programs cannot. Under virtualization, the hypervisor is most ...