@@clocked0 You don't get banned for using a VM, you get banned if you try to bypass it. But BattlEye does block VMs. You're right about easy anti-cheat though thankfully
@@clocked0 there are methods to hiding a vm from these anti cheat services but most of the well known methods have been patched and the unknown ones are kept super secretly by the people who know them (like it’s utilizing an exploit on a new linux kernel release from a week ago that they only know for now). You can technically best the anti cheat softwares with enough brute force, research, and tinkering but they’re the ones with control over your account in the end so the risks can be pretty high
We need something like SR-IOV support for the consumer GPUs, then we would be able to run everything virtualized with full hardware acceleration without any container or VM being able to access anything which doesn’t belong to it, would be much more secure and great for Linux gaming, cause no GPUs are available, and currently we need at least two to run a Windows VM for Gaming, which is ridiculous. Basically one idling all the time, the other working. While nobody gets a single GPU. Nvidias 3000 lineup support SR-IOV via hardware, but that’s it, they wait for AMD or whomever to enable it first to magically get that feature either if needed to be more competitive. We need to demonstrate against that shit, that feature is really important and should be enabled for everyone. Currently only super expensive pro cards for 10 grand or whatever and or with monthly multiple grand subscription fees you get that feature eventually. AMD had one card a few years ago a FirePro or whatever forgot the name, super expensive card worse than consumer cards, but without subscription. Level1Tech does good videos about it. Cards without sth. similar to SR-IOV should be illegal. Imagine your CPU not being able to run virtual machines.
@@weshela-in-chief do you mean running windows in a vm or running a vm in windows? what os is the host? privacy is good if windows is in a vm but if your main system's running it it's way worse
1. cpu demand can be quite high due to anti cheats and drm especially denuvo. 2. if you are not playing online anti cheat should not be a problem. 3. i think a simple supervisor/warden like system could be built into the vm that reserves a few cpu cycles to detecting if the vm is not responding and reboot it. it would be like the mac books have where they will reboot if they freeze
I understand,
Type-1 (Bare-Metal): Hypervisors like Qubes-Os,
Type-2 (Hosted): VirtualBox w/proprietary BIOS, QEMU (free PCIe passthru)
Docker Container
But what is meant by KVM hypervisor available only on Linux? Windows only has Hyper-V? Where does WSL2 fit in?
@@pakistanigamer6525 agree, I thought I was funny to say it's an emulator when in the name itself it says "wine is not an emulator". Sorry for confusion.
Good video I don't quite understand the difference between type 1 and type 2 tho. Like what exactly does type 1 do to run on the hardware and get better performance?
Since WSL2, it is a virtual machine managed by the windows hypervisor (HyperV) which you can connect through the windows terminal. Windows 10 itself has its own virtual machine software which you can find by searching HyperV Manager on the start menu. Additionally, if you have WSL2 you have HyperV turned on which can make virtualization by third party solutions very slow.
"You're typically not gonna see a type 1 especially at a home desktop" Uh, the very prolific WSL2 for consumer windows would like a word.. If you [somehow] haven't heard of it, it's like Qubes except your interface in your regular windows install, and you can just run any native linux code through the windows ui on the linux sibling hyperv kernel/s Not for security, but ease of use and is pretty stellar. P9-facilitated, seamless, two-way filesystem mounts, cli interactivity, and graphics & raw disk passthroughs. But only for linux and no real control over other block devices for the linux kernel (but it *is* a real kernel and ive compiled my own to get wireguard working and it operates very close to metal).
They're probably talking about Hyper-V. It's a type 1 hypervisor technology from Microsoft that does NOT come pre-installed with windows, but can easily be enabled and downloaded (as an update). It's similar to KVM to the fact that it runs side-by-side with the windows kernel, but it lacks a lot of features compared to KVM, Xen or ESX(i).
IBM POWER/pSeries systems have a hypervisor at the firmware level. Moreover, most setups use multiple Virtual I/O Servers that run as LPARs (VMs). Quite a bit different than the type 1 hypervisors you see on Intel/AMD platforms.
I've used VirtualBox and Vagrant to match my development environment to that of my Digital Ocean instance when web developing. But haven't used VM for anything else. What am I missing? Anything fun.
Not missing anything that I know of. If you are on mac (or windows i assume) then docker will not be any faster than vagrant/virtualbox for a local environment. I also find ansible much better to work with than docker. Anyways, other uses of VMs: try out a new OS, use windows semi-securely by destroying it to bits after each use, boot up xp to feel nostalgic, safely inspect infected files, test updates, you could even run a vm inside a vm if you really want to be a weirdo about it.
One of the things I like to do with VMs is a 1 pc 4 people set up. Which basically 4 people sharing one pc. Each one have their own VM windows. Problem with this setup is that you need a beefy PC, luckily my work station pc has a threadripper 3990x, 64gb ram and 2060 super + radeon 7 so this is doable for me...
I'm watching a mental outlaw video and get a notification for a new mental outlaw video. What a nice way to unwind from trying to get xorg working on ancient hardware and things NOT WORKING!
If you are running Windows or MacOS in the host computer, you will still spin up a VM to run Docker. Docker requires Linux, and the trick to get it running on other OSes is to launch a VM with Linux, just the way Windows runs WSL or ChromeOS runs its Linux instance. So, Docker is only convenient in a fundamental way to Linux users. Also, you can't run nothing but Linux inside a Docker container.
The Problem about the docker is not virtualization is the definition of virtualization. Containers or jails as they were called in the old days are a completely different way of doing things than the classical i will run a Computer in a computer. It's more like I run an OS inside an OS or arguably i run a Userspace inside a Userspace. With that point of view of virtualization one could argue, that a real bare metal hypervisor is just 2 Computers running on the same Hardware and not virtualization. And the only true virtualization is Type two Hypervisors.
Yeah I always wondered about the definition of Type-1 hypervisors. I guess it's because the operating systems aren't installed directly to hardware but through a hypervisor that acts as a middleman between the hardware and OS's.
There is no current project to accomplish this, but I would wait for venus to flesh out. Red hat was working on something, but they deemed it not worth it, assumedly due to poor performance. (You can test it yourself with gallium nine + Virgl, Spoiler alert, it ain't very good)
@@mitchelstewart9969 Virgl or virtio? IIRC the windows drivers only support extremely basic commands (Keenuts/virtio-gpu-win-icd) and the only fully working version is for linux
@@nichijoufan those don't work either, they are proof of concept. at one point red hat was working on porting virgl to windows properly, but the project died. virtio has DOD drivers, but nothing for 3d accel. maybe, and hopefully this will change with the virtio venus/vulkan backend but who knows
Qubes literally runs entire operating systems at the same time for best security. That's why its system requirements are heavy. Compartmentalization in Firefox is just the browser making different profiles. You can do a similar thing in Chrome through user profiles but it is a separate window for each. The Firefox container/profile is just creating a separate set of cookies, cache and other web data and isolating it from the other containers. It's kinda like when you open up private browsing and you are signed out of everything. From the website's perspective they can only see the cookies/data within its container/profile.
This video is old you aren't supposed to comment. Reported with 100000000000000000000000000000000000000000000000
I run all my software within my Turing complete Minecraft Redstone computer. it is always safe to do so, not many viruses have gotten through my actual system yet.
And intel management engine cant bother you
@@canismajoris9115 but the glowies do keep trying to get me tho, lol. the other day I was in a Starbucks and this young lady approached and took a seat next to me, I was optimizing a few of the memory modules of my redstone-system. and she asked me what I was doing, heck, she even dared look directly at my eyes. I BET SHE WAS A GLOW IN THE DARK CIA N* TRYING TO GET ME TO SPILL MY PRIVATE INFORMATION. I called her out for the horrible person she was and punched her in the face before leaving in a sprint for my safety. I was not sure if there were more Glowies waiting for me on my way home so I took a rest under a bridge for a few days.
@@__-kd8oz You need help
@@__-kd8oz based
Someone called SethBling wrote a snes emulator in minecraft command blocks.
I like how he just gets straight to the point
Yep
HI GUYS AND WELCOME BACK TO *ANOTHER LINUX VIDEO* MAKE SURE TO HIT LIFE AND SMASH MY BUSSY
@@LabiaLicker Make the gay go away.
@@BurgerKingNationalist homophobic much?
exactly
Mental Outlaw, the man carrying me through my cybersecurity degree.
No wonder he's so buff
I second this
i found this channel 3 months too late
There are cybersecurity degrees?
I just like watching this out of curiosity, I'm far too lazy to actually take any of these measures he shows in these vids. All I care about is that my games "just work" and linux doesn't do that.
For those still not clear on the container-based virtualization (CBV) and hypervisor-based virtualization (HBV).
CBV like Docker virtualize the OS. It captures system/kernel calls, like opening file handles, making network sockets, making new threads etc. and translates these system calls to the native host's system calls. There is no separate guest OS running for the guest application. The application runs directly on the host OS, but it can't access other files and folders because it is namespace-isolated. The "/" directory for the guest application might be "/home/username/appname/" for you.
HBV like VirtualBox, QEMU, VMware and more virtualize the hardware instead of the OS. So you do in fact run a guest OS on top of your host OS. System calls are not translated for the guest app, it talks directly to the guest OS. It is when the guest OS tries to fulfil the system call by talking to hardware, is when the hypervisor comes into play. When the guest OS for example wants to read sector X of your HDD, it translates that to what location in the actual, physical HDD it belongs to, and then the corresponding file is requested by the hypervisor from the host OS (for type-2, in type-1 the hypervisor is also the host OS so it simply reads the corresponding sector itself), gets the file, read the right location, and return it back to the guest OS, which returns it to the guest app. You can see why this might be slow.
(CBV and HBV are not actual abbreviations, I just made them up for my own convenience.)
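Added example, not part of the comment above: the namespace isolation it mentions can be checked from the host by comparing the symlinks under `/proc/<pid>/ns/` for a containerised process against those of PID 1. The function names, the PID 4242 and the sample tree are constructed for illustration; the sample shows the `user` namespace shared with the host, which is what you see when user-namespace remapping has not been configured.

```shell
#!/bin/sh
# Compare a process's namespaces with a reference process (PID 1 by default).
# Two processes share a namespace exactly when the link targets are equal.

# ns_diff PROC_ROOT PID [REF_PID]
# Prints "<type> <shared|isolated|unknown> <pid-target> <ref-target>" per type.
ns_diff() {
    proc_root=$1; pid=$2; ref=${3:-1}
    for link in "$proc_root/$pid/ns/"*; do
        [ -L "$link" ] || continue
        name=${link##*/}
        mine=$(readlink "$link")
        # Reading PID 1's links on a live host needs root; report that
        # case as "unknown" instead of guessing.
        if theirs=$(readlink "$proc_root/$ref/ns/$name" 2>/dev/null); then
            if [ "$mine" = "$theirs" ]; then state=shared; else state=isolated; fi
        else
            theirs=-; state=unknown
        fi
        printf '%s %s %s %s\n' "$name" "$state" "$mine" "$theirs"
    done
}

# ns_count PROC_ROOT PID REF_PID STATE -> number of namespace types in STATE
ns_count() {
    ns_diff "$1" "$2" "$3" | awk -v s="$4" '$2 == s { n++ } END { print n + 0 }'
}

# Constructed sample: a fake /proc tree with PID 1 (host init) and PID 4242
# (a process inside a container). Inode numbers are made up.
make_sample_proc() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/1/ns" "$d/4242/ns"
    i=0
    for n in cgroup ipc mnt net pid uts; do
        i=$((i + 1))
        ln -s "$n:[402653183$i]" "$d/1/ns/$n"
        ln -s "$n:[402653220$i]" "$d/4242/ns/$n"
    done
    for n in time user; do          # not isolated: same target on both sides
        i=$((i + 1))
        ln -s "$n:[402653183$i]" "$d/1/ns/$n"
        ln -s "$n:[402653183$i]" "$d/4242/ns/$n"
    done
    printf '%s\n' "$d"
}

# Demo on the constructed tree; on a live Linux host use: ns_diff /proc <pid>
sample=$(make_sample_proc)
ns_diff "$sample" 4242 1
rm -rf "$sample"
```

Every type reported as `shared` is a kernel resource the containerised process sees exactly as the host does, and all of them run on the one host kernel either way.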
Perfect timing with the Windows 11 leak
@@ea9849 what's the step up from the free one?
@@ea9849 how can we dm you this is youtube
@@ea9849 Bro will probably sneak some FUD's on that sweety Pro16
magnet: ?xt=urn:btih:7101c26a2ba10ab2374dcc171f92a443bdc986c5&dn=21996.1.210529-1541.co_release_CLIENT_CONSUMER_x64FRE_en-us.iso
remove the space between magnet and the ? for the magnet link
edit: i added the space because youtube deletes my comment otherwise
@@p6n7l that's a torrent (or similar) link. Use a VPN when using it
the matrix is the only kind of virtualization
Underrated comment
Mmmm...blue pill please...they are the yummiest
@@littlepeon tbh I need the red pill-
@@littlepeon You spelled commieest wrong.
Tier 0 Hypervisor
During my school days virtualization was so annoying. Making whole VM network was a pain.. but in time I start to see pros and cons of it. Nowadays I can't live without for example proxmox. This tech became so convenient ...
Back in school, when I learned to write C++, I never considered Virtualisation as an option. It was so slow and the performance loss was not worth the slightly easier management.
Nowadays with efficient VMs, Docker, Kubernetes, .... at our Fingertips (hardware support in desktop CPUs) it is a welcome option.
We currently have some stuff where we need to create VMs and a network just for the VMs at school. Was pretty easy to set up a virtual switch on my ESXi at home. My classmates who are running their VMs on their laptops had more issues though
What are you doing with lulzsec logo?
Hypervisors Type 1 0:00
Xen & Qubes OS 2:00
Type1 vs 2 vs 1.5 3:43
Type 2 4:50
Docker 7:23
One thing that I noticed is that VirtualBox works pretty good inside Windows even in a low end machine, but on Linux for whatever reason it's incredibly slow, at least for me. Then I tried Qemu + KVM and boom, loading and installation times got really fast. Unfortunately the graphics virtualization just sucks unless you do a PCI passthrough. But honestly on Linux the best virtualization experience is going to be with Qemu with virt-manager.
I'd recommend looking into VirtIO graphics and intel gvt-g for gpu virtualization in qemu. PCI passthrough is the easiest to set up if you already have the hardware though.
@@camwha5904 I was experimenting a little with the virtio graphics and it kinda works but it's really buggy on my old hardware (ivybridge). But it's way better than qxl.
containers are not related to virtualization at all, they are native applications running natively on the host hardware, even using the same kernel, they are just as separated from all the other components of the system (security-wise) as possible.
they can have similar limits (like RAM, CPU, etc.), and serve similar purposes like virtualization, but they are not the same kind. not at all.
Yep. They are completely separate. Might be a good follow-up video though.
I would like to say that it is possible to run a Windows application in a Docker container, so this isn't entirely true. You can run a Fedora container on a Debian host. All that's necessary is that the host system should be Linux-based (because it needs namespace isolations and other stuff I don't know which is easy/exclusive to program in Linux).
So the difference is just that containers are just a locked down app? Wasn't there supposed to be advantages with differing versions too?
is there a good video out there to understand the difference?
That's not entirely true because yes you are running on the same kernel, but the os you are running in is virtualized.
The Problem here is the definition of virtualization.
Containers or jails as they were called in the old days are a completely different way of doing things than the classical i will run a Computer in a computer. It's more like I run an OS inside an OS or arguably i run a Userspace inside a Userspace.
With your look at virtualization one could argue, that a real bare metal hypervisor is just 2 Computers running on the same Hardware and not virtualization. And the only true virtualization is Type two Hypervisors.
@@sarah-kx5dl How docker works - intro to namespaces by liveoverflow is a good starting point.
So, I feel the need to be pedantic. VirtualBox's BIOS is GPLv2, and easily visible in the source tree, in src/VBox/Devices/PC/BIOS (for BIOS) or src/VBox/Devices/EFI/Firmware (for EFI).
It's compiled with a tool chain that does not meet the criteria to be a free and opensource.
The source code is available but as long as you compile it with a proprietary compiler the software is not open source
@@satra1102 honestly, this is one of those "who cares" situation.
@@satra1102 First off, I agree with the "who cares" part, but since you want to be that pedantic, I'm going to point out your pedanticity is wrong.
Second off, the "All distributions" version of VirtualBox is built with "GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7-22.0.1)". This is, believe it or not, an open-source toolchain. So, you were saying?
@@satra1102 It's not free but it is open source. They use OpenWatcom compiler, which's license requires you to share software modifications not only if you distribute but also if you use privately (like googles private linux distro). FSF says that is not free. But the compiler's source code is open, just not libre
I feel like that 10 minute explanation was exactly what I needed I got so much information it was unreal. I was looking at type one hypervisors and wanted to know a little more about them.. Yeah this put a lot of information into perspective and I highly recommend this video for learning more about virtualization.
An episode on Qubes would be really cool
kvm is actually for type-1 virtual machines. Installing it effectively turns the "host" operating system into a type-1 hypervisor, since all hypervisors do need basic OS features. The difference is that you still have complete access to the underlying components since they are just a linux OS, so you can treat it as if it is a type-2 virtualizer if you want to.
PCI-e passthrough is a pain to deal with sometimes, but whenever it works it's amazing. I tried to pass a quad gigabit nic from Proxmox to a VM, but the card was on the same IOMMU group as the internal NIC so it passed in both and I lost access to the Proxmox web gui, later I found out that it's impossible to separate them because of the electrical wiring on the motherboard itself. Fun times.
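Added example, not part of the comment above: a pre-flight check for the situation it describes, listing which other devices sit in the same IOMMU group as the one you intend to pass through. It reads the Linux sysfs layout `/sys/kernel/iommu_groups/<group>/devices/<address>`; the function names, PCI addresses and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Before handing a PCI device to a VM, find out what else shares its IOMMU
# group: the group is the unit of isolation, so co-grouped devices go too.

# iommu_group_of ROOT BDF -> prints the group number; fails if not found.
iommu_group_of() {
    for dev in "$1"/*/devices/"$2"; do
        [ -e "$dev" ] || continue
        g=${dev%/devices/*}
        printf '%s\n' "${g##*/}"
        return 0
    done
    return 1
}

# iommu_cohabitants ROOT BDF -> prints "<address> <class>" for every other
# device in the same group. PCI-to-PCI bridges (class 0x0604xx) are skipped:
# they are group members but are not themselves handed to the guest.
iommu_cohabitants() {
    grp=$(iommu_group_of "$1" "$2") || return 2
    for dev in "$1/$grp/devices/"*; do
        bdf=${dev##*/}
        if [ "$bdf" = "$2" ]; then continue; fi
        class=$(cat "$dev/class" 2>/dev/null) || class=unknown
        case $class in
            0x0604*) continue ;;
        esac
        printf '%s %s\n' "$bdf" "$class"
    done
    return 0
}

# safe_to_pass ROOT BDF -> status 0 only if no other endpoint shares the group.
safe_to_pass() {
    others=$(iommu_cohabitants "$1" "$2") || return 2
    [ -z "$others" ]
}

# Constructed sample mirroring the comment: a four-port NIC (03:00.0-3) grouped
# with the onboard NIC (04:00.0) behind one bridge; an NVMe disk on its own.
make_sample_iommu() {
    r=$(mktemp -d) || return 1
    _dev() { mkdir -p "$r/$1/devices/$2" && printf '%s\n' "$3" > "$r/$1/devices/$2/class"; }
    _dev 7 0000:00:1c.0 0x060400
    for fn in 0 1 2 3; do _dev 7 "0000:03:00.$fn" 0x020000; done
    _dev 7 0000:04:00.0 0x020000
    _dev 9 0000:01:00.0 0x010802
    printf '%s\n' "$r"
}

# Demo on the constructed tree; on a live host use /sys/kernel/iommu_groups.
fixture=$(make_sample_iommu)
if safe_to_pass "$fixture" 0000:03:00.0; then
    echo "0000:03:00.0 is alone in its group"
else
    echo "0000:03:00.0 shares its group with:"
    iommu_cohabitants "$fixture" 0000:03:00.0
fi
rm -rf "$fixture"
```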
This channel is a gem
Bit of a clarification: As far as the type 1 hypervisor for VMware goes, that'd be ESXi. vSphere is the configuration manager.
Can you do QEMU tutorial? All the ones I'm finding are bad and the documentation is not beginner friendly.
Try using virt-manager instead, it's a front end to QEMU. If you need to mess with your VMs once they're created you can go in and edit the config files, much easier to do this way than trying to learn QEMU from scratch.
The arch wiki has a very straightforward first-time guide and the gentoo wiki has an article on the more popular options to pass (amount of resources, kvm acceleration, etc.). Once you get an OS installed on a disk image, you can just save your launch command with all its options as an executable shell script :)
Also if you like GNOME, Boxes is just a front-end for qemu.
touhou
gpu passthrough with qemu-kvm is the best thing ever
Please tell me you watch mutahar
@@Metali-slay-deth-thrax who doesn't?
I swear you know exactly what I am working on..
i like your comment about security through obscurity!
Check containerd it is basically replacing docker to be the standard
Basically anything is overall better than docker
On RHEL based distro they prefer podman
podman is from red hat. If u want it more raw then docker check moby? i guess
I don't know much about it, but I've also heard of something similar to these things: Nix / NixOS
This might be helpful for the SEC+ cert I'm currently studying for thanks!
Thank you for the many videos lately. Really enjoying these.
Thank you for this. I wasn't sure exactly what all the hype around containers like Docker or Kubernetes was...
You got me into virtualizing windows
Have you heard about Jails in FreeBSD? I know you don’t talk about the BSDs but it’s one of the oldest virtualization systems that has very little overhead.
or bhyve, more recently
VMs are great for compartmentalisation. I should’ve gotten into them sooner
I was just wondering about this! Watched a video that touched on KVM less than an hour ago.
Finally... A straightforward, no BS overview focused on the most used choices within virtualization/containerization, their practical application, and comparisons of how each relates to another.
Great video and even better demonstration of knowledge related to these technologies.
I don't understand why there isn't other content like this among other reputable content creators. It seems like most other videos are more geared towards a singular view or comparison.
👍
VMs are pretty good for gaming, but I've had trouble running some games on them. They're good, but not perfect.
Hi Lincoln
How does League of Legends play with vms?
@@sarscio I'm pretty sure it runs fine if you do gpu pass-through. The only games I can't run are valorant and rainbow 6. I had trouble running genshin but I figured it out. If you pass-through a gpu, almost all games will run like they were on windows
@@innac_makes_things heard you have to enable hyper v and add some lines in the XML to get valorant, r6s or genshin running under the vm with gpu passed in
@@doragonmeido it used to work, but I think they patched it.
How about Proxmox as a bare metal hypervisor? It's free and opensource and really nice to use.
Qemu and vmware workstation would be hybrids, because they can both operate as Type 1 or Type 2 depending on if they are using host accel, IE. Kvm/WHPX.
Also anticheats are starting to block VM gaming
@Xarvveron ?
Thankfully EasyAntiCheat leaves it up to the game developers for whether or not VM's should be bannable, and I haven't been banned on games which use that. BattleEye games (R6 siege, Escape from Tarkov, etc) will ban you for using a VM. Genshin and Valorant block VMs. But every other game in existence works perfectly fine with VM gaming rn
@@clocked0 You don't get banned for using a VM, you get banned if you try to bypass it. But BattlEye does block VMs. You're right about easy anti-cheat though thankfully
@@clocked0 there are methods of hiding a vm from these anti cheat services but most of the well known methods have been patched and the unknown ones are kept super secretly by the people who know them (like it’s utilizing an exploit on a new linux kernel release from a week ago that they only know for now). You can technically best the anti cheat softwares with enough brute force, research, and tinkering but they’re the ones with control over your account in the end so the risks can be pretty high
We need something like SR-IOV support for the consumer GPUs, then we would be able to run everything virtualized with full hardware acceleration without any container or VM being able to access anything which doesn’t belong to it, would be much more secure and great for Linux gaming, cause no GPUs are available, and currently we need at least two to run a Windows VM for Gaming, which is ridiculous.
Basically one idling all the time, the other working.
While nobody gets a single GPU.
Nvidia's 3000 lineup supports SR-IOV via hardware, but that’s it, they wait for AMD or whomever to enable it first to magically get that feature either if needed to be more competitive.
We need to demonstrate against that shit, that feature is really important and should be enabled for everyone.
Currently only super expensive pro cards for 10 grand or whatever and or with monthly multiple grand subscription fees you get that feature eventually.
AMD had one card a few years ago a FirePro or whatever forgot the name, super expensive card worse than consumer cards, but without subscription.
Level1Tech does good videos about it.
Cards without sth. similar to SR-IOV should be illegal.
Imagine your CPU not being able to run virtual machines.
I don't understand a lot of that but i agree
just use proton, no need for a windows vm nowadays.
besides, many gaming pc's already have 2 gpu's, a dedicated and a cpu-integrated one.
Hey thanks for making a vid on Qubes OS; I've been wanting a straight forward explanation about it.
Thank you for this video, Now I can do pci express pass through for free, Something that should come with and be expected in virtual machines.
Good video. You can also usb passthrough to qemu ;)
thanks for the explanation, cheers!
Even if you have a CPU older than a decade and that doesn't support virtualization, you can still run virtual machines.
Thank you for uploading this, I'm literally getting windows 11 ready for testing. I will definitely try these sometime.
are there any VMs out there that literally simulate a CPU? that would be super slow but I imagine it could be the most secure vm possible
I'm pretty sure that would be an emulator.
@@ashtentheplatypus yes, I think itd be both
Aren't all emulators virtual machines?
Would it still be secure if your (intel) cpu is compromised?
@@cardd1577 Not if I libreroot the fuck out of it Hahaha
@@AndyChamberlainMusic The difference is that with a VM, it's the hardware pretending, whereas with an emulator, it's the software pretending.
Great vid, but I wish you would've talked more about Xen and KVM.
Different style video but I liked it a lot :)
Is using VM on Windows good for privacy ? As in can Windows see everything I do on the VM?
Windows can see what you do on your vm, but in theory it can't see outside of the vm
@@canismajoris9115 thanks for clearing that up
@@canismajoris9115 I think he means running vm's on a windows machine(windows being the host) and not the other way around.
@@weshela-in-chief do you mean running windows in a vm or running a vm in windows? what os is the host? privacy is good if windows is in a vm, but if your main system's running it, it's way worse
1. cpu demand can be quite high due to anti cheats and drm especially denuvo.
2. if you are not playing online anti cheat should not be a problem.
3. i think a simple supervisor/warden like system could be built into the vm that reserves a few cpu cycles to detect if the vm is not responding and reboot it.
it would be like the mac books have where they will reboot if they freeze
I understand,
Type-1 (Bare-Metal) : Hypervisors like Qubes-Os,
Type-2 (Hosted) : VirtualBox w/proprietary BIOS, QEMU (free PCIe passthru)
Docker Container
But what is meant by KVM hypervisor available only on Linux? Windows only has Hyper-V? Where does WSL2 fit in?
Next video lets talk about containers please!
Does wine count?
wine is an emulator :P
@@isAif47 it is not
@@pakistanigamer6525 agree, I thought I was funny to say it's an emulator when in the name itself it says "wine is not an emulator".
Sorry for confusion.
WINE is what's known as a 'compatibility layer'. It's not strictly an emulator or a hypervisor.
I was just going to create a virtual machine, thank you!
Thanks a lot, learned a lot!
very nice
Good video. I don't quite understand the difference between type 1 and type 2 tho. Like what exactly does type 1 do to run on the hardware and get better performance?
Where does the standard Windows sandbox stand? From description it is container based. Is it any good compared to alternatives?
It's worth mentioning that with PCIe passthrough, you don't generally need to buy a second graphics card if your CPU has integrated graphics.
Where would something like WSL fall into?
Since WSL2, it is a virtual machine managed by the windows hypervisor (HyperV) which you can connect through the windows terminal. Windows 10 itself has its own virtual machine software which you can find by searching HyperV Manager on the start menu.
Additionally, if you have WSL2 you have HyperV turned on which can make virtualization by third party solutions very slow.
This is really more of what's known as a 'compatibility layer' than a hypervisor.
"You're typically not gonna see a type 1 especially at a home desktop"
Uh, the very prolific WSL2 for consumer windows would like a word..
If you [somehow] haven't heard of it, it's like Qubes except your interface in your regular windows install, and you can just run any native linux code through the windows ui on the linux sibling hyperv kernel/s
Not for security, but ease of use and is pretty stellar. P9-facilitated, seamless, two-way filesystem mounts, cli interactivity, and graphics & raw disk passthroughs.
But only for linux and no real control over other block devices for the linux kernel (but it *is* a real kernel and I've compiled my own to get wireguard working and it operates very close to metal).
For someone who doesn't know computers, how long (estimate) would it take to learn Linux?
Isn't Windows also a type 1 hypervisor? I remember reading somewhere that it is
They're probably talking about Hyper-V. It's a type 1 hypervisor technology from Microsoft that does NOT come pre-installed with windows, but can easily be enabled and downloaded (as an update). It's similar to KVM in the fact that it runs side-by-side with the windows kernel, but it lacks a lot of features compared to KVM, Xen or ESX(i).
Aw yes I'm hooked
i remember qemu being part of using swift on arm originally
Macs have integrated and dedicated graphics, could qemu work for gaming?
IBM POWER/pSeries systems have a hypervisor at the firmware level. Moreover, most setups use multiple Virtual I/O Servers that run as LPARs (VMs).
Quite a bit different than the type 1 hypervisors you see on Intel/AMD platforms.
Nice, now why not a few videos on installation and use of Dockers, QEMU and virt-manager?
I've been wondering why you don't use QEMU/KVM with virt-manager, can you tell me why that is?
What if i have an amd64 Ryzen APU with Ubuntu installed? Do i still need a VPS to use Docker or other Containers???
I've used VirtualBox and Vagrant to match my development environment to that of my Digital Ocean instance when web developing. But haven't used VM for anything else.
What am I missing? Anything fun.
You can now use docker for that.
Not missing anything that I know of. If you are on mac (or windows i assume) then docker will not be any faster than vagrant/virtualbox for a local environment. I also find ansible much better to work with than docker. Anyways, other uses of VMs: try out a new OS, use windows semi-securely by destroying it to bits after each use, boot up xp to feel nostalgic, safely inspect infected files, test updates, you could even run a vm inside a vm if you really want to be a weirdo about it.
@@eritert I'm on Linux mint distro. I wouldn't mind booting Windows to get my Adobe CC working. So I don't have to boot my old Win7 Dell precision 😬
@@AlenAbdula Hey what's wrong with a Dell Precision running Windows 7!?
@@FlyboyHelosim nothing, im still using it for my photography work and design, but Adobe CC slowly fading out support. It is what it is
Docker is cool but I do really recommend also LXD/LXC Linux containers + WEB manager LXDUI.
What about LXD??
Or CHROOT??
(The latter is not a VM)
AFAIK Docker is not designed with security in mind and it appears to be an afterthought. Any evidence to the contrary?
you didn't mention the main advantage of containers which is that you can share containers and they can run everywhere..
If you don’t use a Kubernetes Cluster to play video games are you really playing video games?
No outtakes? :)
One of the things I like to do with VMs is a 1 pc 4 people set up. Which is basically 4 people sharing one pc. Each one has their own VM windows. Problem with this setup is that you need a beefy PC, luckily my work station pc has a threadripper 3990x, 64gb ram and 2060 super + radeon 7 so this is doable for me...
Make a tutorial about docker. tried it but got too boring to use it
Thanks 🙏
I really wish nvidia would enable sr-iov on their consumer cards. Would love to run linux host and windows gaming vm on kvm on one card
Last time I was this early firefox was still emerging
I'm watching a mental outlaw video and get a notification for a new mental outlaw video. What a nice way to unwind from trying to get xorg working on ancient hardware and things NOT WORKING!
If you are running Windows or MacOS in the host computer, you will still spin up a VM to run Docker. Docker requires Linux, and the trick to get it running on other OSes is to launch a VM with Linux, just the way Windows runs WSL or ChromeOS runs its Linux instance. So, Docker is only convenient in a fundamental way to Linux users. Also, you can't run anything but Linux inside a Docker container.
Qubes: the best OS for coomers
So how secure is Docker? Since it's layer 3. Not that secure, huh?
The problem with "Docker is not virtualization" is the definition of virtualization.
Containers or jails as they were called in the old days are a completely different way of doing things than the classical i will run a Computer in a computer. It's more like I run an OS inside an OS or arguably i run a Userspace inside a Userspace.
With that point of view of virtualization one could argue, that a real bare metal hypervisor is just 2 Computers running on the same Hardware and not virtualization. And the only true virtualization is Type two Hypervisors.
Yeah I always wondered about the definition of Type-1 hypervisors. I guess it's because the operating systems aren't installed directly to hardware but through a hypervisor that acts as a middleman between the hardware and OS's.
If we manage to get virgil windows drivers, there will be no need to do gpu passthrough
There is no current project to accomplish this, but I would wait for venus to flesh out.
Red hat was working on something, but they deemed it not worth it, assumedly due to poor performance.
(You can test it yourself with gallium nine + Virgl, Spoiler alert, it ain't very good)
@@mitchelstewart9969 Virgl or virtio? IIRC the windows drivers only support extremely basic commands (Keenuts/virtio-gpu-win-icd) and the only fully working version is for linux
@@nichijoufan those don't work either, they are proof of concept. at one point red hat was working on porting virgl to windows properly, but the project died.
virtio has DOD drivers, but nothing for 3d accel. maybe, and hopefully this will change with the virtio venus/vulkan backend but who knows
Will you do a video on the windows 11 leak?
Why would companies bother buying vmware when open source solutions like Xen are free?
What's the best option if I just want to run a shitty windows program that doesn't work anywhere else?
Most simple pre-windows 10 software would run in "Linux Wine" without any hypervisors
@@dvr2alarm we're talking about a shitty tax software that has to do a lot of weird magic. Wine didn't cut it.
Q: How do you see OpenStack in this area? I saw this often as an alternative to VMware, what's your exp on it
Ey bro I love the content. This video came out a week after I bought myself my server.
Now install Proxmox and you'll be a happy person
Yes qubes is awesome and easy
7:07 like what??
What forum are you on? I would like to talk
Is qubes really a hypervisor as it is a compartmentalizer? Firefox now supports this.
Qubes literally runs entire operating systems at the same time for best security. That's why its system requirements are heavy. Compartmentalization in Firefox is just the browser making different profiles. You can do a similar thing in Chrome through user profiles but it is a separate window for each. The Firefox container/profile is just creating a separate set of cookies, cache and other web data and isolating it from the other containers. It's kinda like when you open up private browsing and you are signed out of everything. From the website's perspective they can only see the cookies/data within its container/profile.
No mention of Proxmox? Shame!
Proxmox is pretty cool to run VMs in if you have a spare desktop that you can load up with a ton of RAM.
Qubes isn't updated anymore.
This video is old you aren't supposed to comment. Reported with 100000000000000000000000000000000000000000000000
YES! HE SAID DOCKER!
Lxc containers just crying in the background
wbu LXC or LXD
I found VirtManager more useful than VirtualBox
Many hosters (Netcup for example) use KVM for virtualisation
KVM where