Who needs a bare-metal client hypervisor? Just run your guest VM on a Linux/KVM client!

We've been talking about client hypervisors quite a bit recently. As one of the four pillars of my "Desktop 2010" vision and a key part of my new "Desktop 2015" vision, client hypervisors can't get here fast enough as far as I'm concerned.

We've been talking about client hypervisors quite a bit recently. As one of the four pillars of my "Desktop 2010" vision and a key part of my new "Desktop 2015" vision, client hypervisors can't get here fast enough as far as I'm concerned. Companies like Neocleus and Virtual Computer have made early strides in this space, but most people seem to be waiting until Citrix and VMware each release their Type 1 bare-metal client hypervisors. (Both companies announced client hypervisors in 2008/2009 and initially promised them last year, and now it looks like neither Citrix nor VMware will ship a client hypervisor before the end of 2010.)

When Gabe and I did our "Geek Week: VDI Challenge" a few months ago, one of the vendors chosen was Virtual Bridges. Their CTO Leo Reiter bragged that their VERDE product included a client hypervisor, we reacted with confusion as to how we had missed this?!? But then we come to find out that their "client hypervisor" was a locked-down Linux build with KVM running their normal desktop VM.

"This is not a real client hypervisor," we thought. #FAIL. Move on.

But wait... what exactly is bad about this approach? KVM is part of the Linux kernel. Linux runs on everything. So while Citrix and VMware are struggling to create hypervisors that only work with a very small set of vPro-enabled client devices, a KVM-based VM can probably run on just about anything. Combine that with some startup stuff to hide the client, and who needs a "real" bare-metal Type 1 client hypervisor?

Other advantages (in random order off the top of my head):

  • Anything that can run Linux can run the client VM (wait and see how big the HCLs are for Citrix and VMware)
  • Full hardware support (GPUs, etc.)
  • KVM is built-in to Linux
  • This is real today (and has been for some time)
  • This is available from multiple vendors
  • You can run the free VMware Player for Linux or VirtualBox.
  • Linux can be locked down and managed centrally (The patching/managment to your Linux host probably isn't any more different/difficult than the patching/management of your "real" bare-metal hypervisor
  • The "Linux-ness" of the client can be hidden
  • This is no more "Linux-y" than ESX
  • Vendors / consultants could wrap this up into a slick package like what we think Citrix XenClient / VMware View Native Mode will be

And what about the advantages of getting a "real" client hypervisor from Citrix or VMware? Well... I guess we'll know if/when they come out!

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

KVM.  I love it and use it a lot (along with OpenVZ).  I use it on RHEL/CentOS and Fedora but yes it is available in many distros because it became part of the mainline Linux kernel with 2.6.20 (released early 2007).  The Linux kernel has a new release about every 3 months and is currently on 2.6.33 with 2.6.34 due real-soon-now.

Just to clarify one point... KVM doesn't run everywhere Linux runs... because it requires hardware support for virtualization in the CPU... so it doesn't run on legacy CPUs... but perhaps that was a given for you?!?

I emailed Gabe last week asking for a review of the Virtual Bridges VERDE 4.0 release that just happened at the end of April... and he said you guys plan to see it at an upcoming show and that he could hopefully get to it in the coming weeks.  I myself hope to get a trail setup in the near future to see how well it would work out for various labs at work.  They added RDP, RDP7, and NX in addition to the VERDE protocol... as well as the web-based GUI admin that they promised.

The good thing is that because KVM is part of the mainline Linux kernel, everyone has equal access to it and we should see a slew of various GUI management apps coming from various vendors as time passes. I'd also expect to some free/open source solutions appear, grow, and mature.  To me desktop virtualization won't happen fully until there is a free solution.  Call me crazy.

I know it isn't exactly enterprise-y enough but if you haven't already, you should check out Proxmox VE.  It is a free/open source solution that offers KVM fully virtualized machines and OpenVZ containers in an easy to install, turnkey solution with a fairly nice web-based management system.

Of course Red Hat continues to port RHEV-M away from Windows Server 2003 and .Net to Java/JBOSS and they will eventually release the sources to the world under an open source license, but that might take a while.


This point is a bit funny

"You can run the free VMware Player for Linux or VirtualBox. "


There are client hypervisors and then there are client hypervisors.  I've been using desktop linux for several years and unfortunately, I still find I need windoze for certain applications which are needed to function in my job.  I've used nearly every x86 virtualization tool there is and when it comes to using a virtualized desktop everyone on this blog knows that "user experience" is critical.  For example, I am also a blackberry users and occasionally I need to connect it to a Windoze PC to upgrade its OS, for example.  Sometimes I need sound, webcams, and other devices to work well inside a VM running windows.  Personally, I've been less than satisfied by the user experience of most desktop hypervisors, including KVM.  At least out of the box KVM with a distro like ubuntu doesn't lead to a good enough user experience running winxp in a VM on my thinkpad - in my opinion.  I generally use a commercial license of VMWare Workstation for linux which is barely passable.  And I don't even try running games or anything graphically intensive on it.  I'd love to be able to really use video editing s/w in a Windows vm on my machine (T61 - core2duo with 4gb ram + 7000 rpm sata disk) - but it's not good enough yet in my opinion.

I do agree that kvm is very attractive for this application - but IMHO, it's got a way to go before being good enough for my needs.


There is very little difference between a small Linux with a "type-2" hypervisor and a Xen-style "type-1" hypervisor.  The Xen hypervisor *is* a Linux kernel and has all the benefits and downsides associated with that.  Don't fool yourself that the client hypervisor layer does not require management - you will still need to manage and update it, especially because the technology is so immature.  In fact, you will probably need to update your client hypervisor more often than a Linux kernel, because the Linux kernel is relatively mature and stable by this point in time, but client hypervisors are still changing often.

Few people know this, but VMware's CVP (as well as VMware ESX) is actually an embedded Linux with a type-2 VMM running on top!  This allows compatibility across the various VMware products.  So they are already doing exactly as you describe (or will be when it is finally released.)

The whole type-1 vs. type-2 argument is vacuous.  The most important things (like you point out) are the features you get from a client hypervisor: performance, compatibility, security, manageability.  You have the same concerns whether you are using a Xen-based type-1 or a embedded-Linux with a type-2, and nobody really solves the problem in an adequate way yet.



Well I'm running XenClient and can do everything on your wish-list Brian.

3D graphics (not emulated, but native GPU access from the VM), so 3d games & other apps work perfectly (actually even without HDX3D GPU passthru enabled, full screen video is fine, only apps that are requesting real 3D functionality from the GPU suffer, so my use-case is to run my locked down business VM without HDX3D and my personal VM with all my games etc with GPU passthru enabled. Being able to run both at the same time makes a lot of sense - if the boss comes along, just switch to the business VM with a quick key combo.

Anyway guys, not long to wait to touch & see it for yourselves anyway. Will you see it before the end of 2010 (as Brian hopes for above)? definitely.


From what I remember vmkernel is NOT derived from Linux at all; at one stage it did get some drivers off existing Linux one (and adapted accordingly). The console, yes, it is based on RHEL.and is the first 'VM' that runs. At least this is what I remember off the VMWare website. :-)


Claudio is quite correct in stating that the VMKernel isn't Linux or based on Linux. The same is equally true of Xen..


The main reason to use a bare metal hypervisor in an enterprise environment is security - this is key and have to be handled!

And then of course handling management of both OS'es (the client and the other/hosts) OS - because the company really cant tell the users (BYOPC perhaps) that they dont care if the user cant access the company platform - cant they ;-)

When we got a good solution to manage both the client and the other OS'er on the PC - then we got something... I think :)


Not related to Desktop Virtualization.

Mactel did a benchmark comparing 3D performance of VMware Fusion and Parallels Desktop. Parallels performance is wastely superior to that of VMware Fusion

Here is the link to the video



I agree with John Whaley on type 1, type 2...eh, they are still a kernel with interrupt handler, scheduler, drivers, management, etc.  What's the difference?

Claudio is quite right about vmkernel, but have you ever upgraded ESX...there's a lot of Linux in there to make things work.

As for Xen, I don't know anyone running dom0 (which Xen cannot live without) on any scale exclusive of Linux.  

The sad part: it's likely we'll all be running proprietary client hypervisors that are incompatible and have different HCL's leading to more complexity.



No-one is debating that the control domains utilised by Xen & ESX are Linux based, however with work, those control domains could be any O/S (hey MS effectively ported Xen to use a Windows control domain with Hyper-V, and the same should be possible with ESX if so desired), but in reality, the OS utilised in the control domain is of little consequence really.

As for different HCL's for client hypervisors, I think that you will find the list for VMware's CVP (if it ever sees the light of day) will be almost identical to Citrix's because of virtually identical hardware requirements (any difference will be down to testing & certification).

The difference between Type 1 & Type 2 are marked in terms of performance and security as correctly stated by Michael above.

@MySchitzoBuddy - For 3D performance, the Windows Experience on XenClient for Win 7 (in my experience) is identical to that of the OS installed natively, so no degradation there at all - The same can't be said about type 2 hypervisors with emulated graphics with key components like shader models either broken or missing.

Don't believe me? See it for yourself @ Synergy.


XenClient is now available for download at www.citrix.com/.../download

Have fun :-)



I tried downloading it, but no dice. I get the message: "Citrix Systems, Inc.’s global trade policy strictly prohibits, as required under U.S. law, trade with entities in embargoed or sanctioned countries, parties and/or individuals as applicable.  

Following the required internal review, we have determined that trade or delivery of a product with your organization or person is prohibited under U.S. law.  Therefore, Citrix Systems Inc. cannot provide your organization with access to this download.

If you feel this is in error, please contact a customer service representative customerservice@citrix.com for further information. "

I tried from the San Fran Hilton, the Synergy WifFi, the Kiosks at Synergy and even remoted into my home system in Chicago.


This is good discussion, in fact on my laptop I used a to launch KVM in a small linux kernel and in the meantime execute SPICE on localhost.

I just disabled linux logon and remove some kernel modules and code to make it as type I as possible. So I guess Yes complete opensource Client Hypervisor could be done easily.

Just need a nice management system and you'll have something quite efficient i guess.

Do you guys have any news around RH Virtualisation strategy on client side ?