A Comparison of VMware ESXi and Microsoft Hyper-V Hypervisors

This article focusing on comparison of two leading hypervisors — VMware ESXi and Microsoft Hyper — V. Me and Jeff Moorhead (my team member) collaboratively made this report.

Abstract

With the explosive popularity of cloud computing technologies, consumers today have available to them more resources than ever. The growth of cloud computing as a paradigm of modern computing has been supported by several foundation technologies. One of the most fundamental of these is virtualization. There are currently dozens of virtualization platforms available to consumers looking to reap the myriad benefits that virtualization has to offer. Two of the major contenders in this market are VMware’s ESXi hypervisor and Microsoft’s Hyper-V. Both hypervisors are type-1 hypervisors that use differing architectures. This paper will provide an overview of the benefits of each hypervisor and will provide an analysis on the strengths and weaknesses of each based on performance reviews and implementation necessities. Largely, the choices an enterprise will make should not be based on any one metric, but on a variety based on the primary needs and concerns of the enterprise.

Introduction

The growth of cloud computing has been supported by several foundation technologies that have allowed companies like Amazon, Google, and Microsoft to provide computing resources to consumers more efficiently and at larger scales than ever. Enterprises no longer need to invest in expensive server hardware or staff an IT department to manage that hardware. At the heart of cloud computing is the characteristic of resource pooling, which allows cloud service providers to use shared computing resources to provide a service to multiple customers at once. This characteristic of cloud computing is heavily dependent on virtualization [1]. It is important that the consumer understand the role virtualization plays in cloud computing, as well as how different tools implement virtualization technology. In order to develop this understanding, the enlightened consumer must have a solid foundational understanding of virtualization itself. VMware and Microsoft are two major developers of hypervisor software, and we will use the examples of ESXi and Hyper-V, comparing each in terms of performance and architecture to develop a fundamental picture of how virtualization can be leveraged to support modern cloud computing platforms.

Virtualization

Virtualization is a broad term to describe a method of separating “a resource or request for a service from the underlying physical delivery of that service” [2]. The idea of virtualization is used extensively in computing with techniques like virtual memory and virtual private networks. In terms of machine hardware, virtualization is a layer of abstraction between the processes running on a machine and the physical hardware (network devices, storage mediums, etc.) that the processes access [2]. By adding a layer between the hardware and the machine hardware, IT managers are able to pool their resources more effectively, thus reducing wasted resources and cutting IT costs. This fact alone makes it clear why virtualization is a vital tool for cloud service providers who need to deal with potentially hundreds of thousands of resource requests daily.

In addition to increased efficiency in hardware usage, an organization can easily upgrade the availability and efficiency of computer resources and applications through virtualization. Many enterprises have reduced costs and bolstered their own success by replacing traditional hardware systems to a virtualized environment.

The primary tool of virtualized systems is the hypervisor. A hypervisor is an intermediate layer between software and hardware. Hypervisors support one or more virtual machines, each running their own self-contained operating systems, known as guests . Hypervisors are typically split into two categories: type-1, also known as bare-metal hypervisors, and type-2, also known as hosted hypervisors. Type-2 hypervisors are typically presented as their own software applications that run on top of a traditional operating system such as Debian Linux or Microsoft Windows. Examples of type-2 hypervisors are Oracle VirtualBox and VMware Player. Type-1 hypervisors, in contrast, are installed directly over machine hardware, and as such, have direct access to the hardware. Hyper-V and ESXi are type-1 hypervisors, so it is with this group where we focus our analysis. There are two types of virtualization offered by type-1 hypervisors that need to be mentioned:

Full Virtualization

The hypervisor generates a remote environment between the guest and the host. Operating systems directly access the peripheral devices and hardware controllers without any intervention between virtual environment and host machine.

Para Virtualization

The privileged command is delivered to the hypervisor through a series of hypercalls. The hypervisor receives and responds with the requested hardware device to the guest machine [2].

Further, type-1 hypervisors exist in two distinct architecture groups. The first of these is the monolithic architecture. The monolithic hypervisor is completely self-contained, and encompasses a kernel, machine drivers to allow hardware access, user interfaces and one or more APIs for administrative access. ESXi is an example of a monolithic hypervisor. In contrast, microkernel hypervisors work in tandem with a management partition. This management partition contains an operating system that controls access to hardware by taking requests from the hypervisor [3].

What is Hyper-V

Hyper-V is the hypervisor created by Microsoft to establish “enterprise-class virtualization” with to an organization. Hyper-V can be installed as a standalone server or included as an addon to the Windows Server operating system. The addon version is known as Hyper-V Server. Hyper-V allows administrators to create virtual instances and virtual environments in isolation which facilitates efficient creation and management of more than one virtual server on the same set of machine hardware at the same time.

What is Vmware ESXi

ESXi is a type-1 hypervisor designed by VMware. It is an operating system-independent hypervisor based on the VMkernel that interfaces with guests that run on top of it. ESXi stands for Elastic Sky X Integrated.

Performance Monitoring with Hyper-V and ESXi

Hassan Fayyad et al. include an in-depth discussion of the performance differences between Hyper-V and ESXi in their paper “Benchmarking the Performance of Microsoft Hyper-V server, VMware ESXi and Xen Hypervisors”. This paper offers clear insight into several important performance metrics and delivers a quantitative analysis based on these metrics. The total discussion is highly technical, but there are several key qualitative take-aways. An important similarity between ESXi and Hyper-V is that both use guest services which facilitate tighter integration between hypervisor and guest operating system. In fact, both hold these services to gain consistent use of virtual environment. ESXi and VMware tools and their guest services allows better overall performance of virtual environment with upgraded graphics, mouse and keyboard drivers and time synchronization.

Microsoft Hyper-V technology is parallel to VMware tools which provide feasibility between guest machine integration and consistent use of virtual machines. Hyper-V is automatically tuned based on the number of guest operating systems. T he number of virtual processors that are supported per guest depends on the guest operating system .

There are various metrics provided to monitor the performance of both hypervisors. ESXi CPU utilization metrics provide total CPU utilization across the system along with the average percentage . Further, the memory utilization features of ESXi provide the total memory utilized across the system along with the average value in percentage. Disk usage monitors disk usage of ESXi server along with the average value in kilobytes per second [4].

In contrast to ESXi, Hyper-V offers performance metrics based on I/O disk utilization, memory and network performance, and most notably, processor performance. The disk performance of Hyper-V can be measured by using the average time in seconds per read or write from disk. These counters measure the amount of time to perform read and write operations on and in response to operating system calls. Further, in Hyper-V, the memory performance is calculated by the memory available per operation on the physical computer [7].

Recommendations to enhance ESXi and Hyper-V performance

In general, ESXi has higher RAM requirements than Hyper-V. VMware suggests allotting about 8 GB to take full advantage of features and to run virtual environments in production. To improve performance, enterprises need to configure faster processors. VMware also recommends that not place virtual machines on the disk containing the ESXi boot image. Doing so is known to reduce performance. Instead, it is better to utilize the physical disk storage to save the boot image. On every virtual machine, the VMware tool must be installed to gain power of on demand characteristics of virtualization [5].

On the other hand, to enhance the Hyper-V performance enterprises must allot enough disk and CPU resources to the hypervisor to reap the full benefits of the tool. A preferred guest operating system is 64-bit. In general, for both hypervisors, if organizations wanted better performance, they need to manage the workload on virtual machines, including shutting down any unused virtual instances, focusing on integration services and their coupling, and taking advantage of dynamic memory features.

VMware ESXi Security

VMware ESXi is shipped with several default security features. Enterprises can additionally secure ESXi hosts further using lock down mode or other built-in characteristics. Enterprises can achieve consistency by setting up a reference host, and then basing all other hosts on the reference host; even some organizations prefer to apply a scripted management methodology, which confirms that modifications will apply to all hosts. ESXi shells and SSH services are not enabled by default and in general, only the root user can login and access the DCUI (Direct Console User Interface). Enterprises can propose named user and leveraged user access, and they can proceed with minimal open ESXi firewall ports, proper checking of ESXi integrity. Finally, enterprises can consider smart card authentication to bolster security in ESXi[6].

Microsoft Hyper-V Security

To create secure virtual environments with Hyper-V, Microsoft provides a restricted Windows Server installation to minimize the attack surface. This feature requires enterprises to upgrade their host systems, and to configure hardware with the latest patches. In addition, enterprises can use the credential guards to manage the host system locally. But in general managing host machines locally is not a good practice; Remote Management is a secure way to protect the integrity and availability of each virtual environment. By giving minimal access, configuring systems correctly, securing devices, installing antivirus and firewall software, secured communication with network adapters can provide the highest security to hypervisors.

Despite the security features present in each hypervisor, there are several security concerns inherent in each VM’s architecture that need to be addressed. First, the microkernel architecture present in Microsoft Hyper-V has several important security vulnerabilities. Because the microkernel architecture relies partly on an operating system running in a parent partition to control device drivers and other hardware aspects of hardware control, the hypervisor must communicate with outside software. This removes a level of security present when the hypervisor software is completely self-contained. In addition, Hyper-V requires considerably more configuration and allows more direct access through APIs and administration interfaces, which act as direct threat points for the hypervisor.

In contrast, ESXi allows for less configuration and uses a stripped-down administration interface. This is possible because the monolithic architecture does not require interaction with an operating system functioning in a separate partition. This independence means that the monolithic architecture in general is more secure than the microkernel architecture [3].

Implementation and Portability

Whether to use Hyper-V or ESXi in an enterprise situation is a largely variable issue that should not be determined on one metric of quality. Hyper-V outperforms ESXi in some cases, while in others, ESXi is the clear victor [7]. In terms of security, however, ESXi is generally more secure due to its stripped-down administrative interface and reduced number of communication points with outside APIs. In terms of cost, Hyper-V is cheaper to implement, which may be a crucial consideration for the small enterprise looking to leverage virtualization to reduce costs as far as possible. Conversely, ESXi has wider support for guest systems, including more well-integrated support for various Linux distributions [8]. Ultimately, the choice of hypervisor depends on the priorities and desired features of the enterprise. Some large enterprises are already using Hyper-V, including RedHat. At the same time, VMware has long held a prominent role in the virtualization market, and as such, boasts a wide catalog of impressive clients. It is the authors’ hope that this paper will serve as a helpful guide to making the decision not only between Hyper-V and ESXi, but also between the different styles of bare-metal hypervisors available.

Conclusion

Virtualization is not going away. In the past decade, the demand for virtualized systems has grown exponentially, along with the number of hypervisor solutions available to consumers, who are left to understand the difference between type-1 and type-2 hypervisors and the subsets of each. In the category of bare-metal (type-1) hypervisors, there exist two architectures, monolithic and microkernel, that offer individual advantages and weaknesses. VMware’s ESXi is a monolithic hypervisor offering a bare-bones administrative interface that allows for greater security control and reduced need to interact with outside software. Microsoft’s Hyper-V is a microkernel hypervisor that runs alongside an operating system running in a separate partition on disk from the hypervisor. It is important to note that Hyper-V does not run on top of the operating system, as this would put Hyper-V in the type-2 category of hypervisors.

Hyper-V and ESXi both perform well in various metrics, so neither should be preferred over the other in terms of raw performance. However, Hyper-V is generally cheaper, despite its reduced security advantages. This means that the choice of Hyper-V and ESXi is more complex than simply saying one is better than the other. The choice ultimately comes down to the needs and desires of the consumer. That said, Hyper-V and ESXi are both high-quality products that deserve consideration from anybody looking to move into the world of virtualization.

Works Cited

[1] Elom Worlanyo, “A Survey of Cloud Computing Security: Issues, Challenges and Solutions.” December 2015. [Online]. Available:

https://www.cse.wustl.edu/~jain/cse570-15/ftp/cld_sec/index.html .

[2] “Virtualization Overview.” Vmware Whitepaper. [Online]. Available:

https://www.vmware.com/pdf/virtualization.pdf .

[3] J. Shropshire, et al, “Analysis of Monolithic and Microkernel Architectures: Towards Secure Hypervisor Design,” 2014. [Online]. Available:

https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6759218

[4] “Performance Metrics of VMware ESX/ESXi Monitor”, 2019. [Online]. Available:

https://www.site24x7.com/help/virtualization-metrics/vmware-esx-esxi-monitor.html

[5] “Performance Best Practices forVMware vSphere 6.7”, July 27, 2018. [Online]. Available:

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/performance/vsphere-esxi-vcenter-server-67-performance-best-practices.pdf

[6] “Securing the ESXi Hypervisor”, August 10, 2018. [Online]. Available:

https://docs.vmware.com/en/VMware vSphere/6.7/com.vmware.vsphere.security.doc/GUID-E9B71B85-FBA3–447C-8A60-DEE2AE1A405A.html

[7] Hasan Fayyad et al., “Benchmarking the Performance of Microsoft Hyper-V server, VMware ESXi and Xen Hypervisors”, Journal of Emerging Trends in Computing and Information Sciences , vol. 4, no. 12, December 2013. [Online]. Available:

https://www.researchgate.net/publication/261411692_Benchmarking_the_Performance_of_Microsoft_Hyper-V_server_VMware_ESXi_and_Xen_Hypervisors

[8] Aviv Lichtigstein, “ VMware vs. Microsoft Hyper-v: is VMware Still Far Ahead?”, August 9,2017. [Online]. Available:

https://www.loomsystems.com/blog/vmware-vs.-microsoft-hyper-v-is-vmware-still-far-ahead