OpenVZ Pushing for Linux Kernel Inclusion

RomanianClimber writes to tell us News.com is reporting that SWSoft is trying to get OpenVZ into the Linux kernel. OpenVZ is an operating system level server virtualization solution, built on Linux. From the article: "In this, it has a major ally: Red Hat, the top seller of the open-source operating system, which plans to add the software to its free Fedora version of Linux for enthusiasts. The companies' move to make OpenVZ partitioning standard in Linux is timely, said Pund-IT analyst Charles King."

Why is this needed?

[by Anonymous Coward]

You can compile anything you want into the kernel.

If this becomes part of the official kernel, then it becomes the kernel maintainer's problem.

If Red Hat comiles it into their distro's kernel, it is Red Hat's problem to maintain.

So if I were the kernel maintainer, I would need a very compelling reason to take on the extra work.

Re:Why is this needed?

[m50d (797211)]

The kernel maintainers have as policy that they won't give you a stable source interface, if you want your driver to work well you should get it into the kernel (See Documentation/stable_api_nonsense.txt). That's fair enough, but a policy like that gives them a responsibility to accept things into the kernel.

Re:Why is this needed?

[DShard (159067)]

1: hans?

2: Not just pay for but work with. This is the reason Xen has never really gotten into vanilla, even though it is supported directly by IBM, Intel and AMD.

Anyone worried?

[paulius_g (808556)]

Now, I've seen SW-Soft at work numerous reasons and I don't quite agree with their principles of development. Just check out their forums, they have an awesome community of people asking features in their higer end products and they never want to implement those. Instead, they're creating some kinds of "solution" to allow "lower TCO" and "easier management", at an extra cost of course. I've used their software, and it's quite buggy.

Now, Virtuozzo is one of their most awesome products, but I still don't feel right about having a company control over a piece of software embedded into a kernel. I have a chilly feeling about what they might do next and about what they're actually gaining by enabling this.

Just my two cents, I'm sure I'll get many replies of people disagreeing.

Re:Anyone worried?

[slavemowgli (585321)]

No, I'm not worried. If the product is as crappy/buggy as you describe, Linus won't merge it.

Re:Anyone worried?

[Tony Hoyle (11698)]

It is... Virtuozzo is junk - my last host forced everyone to transfer to it (from UML, which was working fine for over a year).

Despite doubling the amount of available memory to everyone as a sweetner* it ran like a dog.. it was *really* slow - about half the speed of the UML solution. Sure it was pretty, but it spent most of its time spitting out 'out of resources' errors, and would randomly terminate applications - quite often the ssh server, meaning you had to keep rebooting... After 24 hours of almos

Re:Anyone worried?

[Bogtha (906264)]

I still don't feel right about having a company control over a piece of software embedded into a kernel.

If Linus merges it into his tree, then how are they the ones that control it? If Redhat merge it into their tree, then how are they the ones that control it?

The whole point of Free Software is that the user is the one in control, not whoever happens to hold the copyright.

You do realise that other companies have lots of code in the kernel already, don't you? This is by no means the first company to push to have their code included in the kernel. SGI contributed XFS. IBM contributed JFS. Namesys contributed ReiserFS and are currently pushing to have Reiser4 included.

I have a chilly feeling about what they might do next and about what they're actually gaining by enabling this.

Some pretty decent reasons for this off the top of my head are:

1. They have less maintenance work to do (no updates every time a new kernel comes out).
2. Less hassle for their users.
3. More testers/bugfixers.
4. They gain positive publicity.

Why the FUD?

No worries about companies, just about quality...

[by Anonymous Coward]

I've got to agree with the parent that there's no reason to fear companies putting software into the kernel. Lots of them do, and we're always encouraging companies to write open source drivers in the kernel.

What follows is purely speculation based on my feelings. Do not consider it to be factual, or make stock/software purchasing or sales decisions based on it. YMMV, IANAL, whatever.

The real problem I see, as an ex-swsoft customer, is that they really don't care as much about bugs or broken features as t

Re:Anyone worried?

[Hiro Antagonist (310179)]

I'd like to post my agreement; VZ is generally a massive pile, is a resource hog extrodinare, and sucks royally compared to both Linux VServers and FreeBSD jails. HSPComplete is even uglier. I mean, the vzbackup scripts require SSH, even if you're using them to backup the local machine, and they have this nasty habit of locking on a random VPS and then dying silently.

That's the beauty of OSS

[TheAxeMaster (762000)]

If you want something in there, then by god, put it in there. There's no huge patchwork system that affects everyone using linux when one company wants to change the underlying functioning. They can do it, and sell it if they can, while the rest of us can go happily on our way not using it.

Memory is like an...

[Slipgrid (938571)]

Memory is like an orgasm. It's a lot better if you don't have to fake it. --Cray Seymore

Re:Memory is like an...

[slavemowgli (585321)]

"Cray Seymore"? The guy's actually called "Seymour Cray", y'know - you managed to switch his first and last name around *and* add a mistake. :)

Re:Memory is like an...

[Dr. Evil (3501)]

He didn't miss a comma, he just faked it.

Hardware support?

[Visaris (553352)]

Both Intel and AMD are releasing CPUs which support OS partitioning in hardware this year (2006). Does the OpenVZ project support or have plans to support these hardware features?

Re:Hardware support?

[LurkerXXX (667952)]

Along those lines, I've read a bit about this, but I've never read exactly what it is that this will do, just that 'it helps with virtualization'. I run VMWare now. Will this new hardware support do anything for me, or will it just make it easier for the VMWare folks to write their program?

Re:Hardware support?

[Wesley Felter (138342)]

OpenVZ won't benefit from virtualization-assist hardware features.

OpenVZ/VServer versus hardware virutalization

[jonabbey (2498)]

OpenVZ doesn't care about processor virtualization features. OpenVZ (like VServer) is all about implementing a system like FreeBSD jails. In this model, there's only one kernel running, but different sets of processes are isolated from each other through operating system features. The separation applies to things like the 'ps' command and the /proc interface in general, as well as things like sockets and networking.

With OpenVZ/VServer, you can set up security and network separation so that certain processes will think of themselves as on 'internal-web-server', while others will think of themselves as 'external-web-server', and the two sets of processes would not be able to interact with each other in ways other than through the same kind of networking connections that they would use if they were on separate pieces of physical hardware.

Something like Xen or VMWare achieves this virtualization by simulating separate processors, memory, and I/O space hardware. OpenVZ/VServer doesn't incur this overhead, but does require much more significant modifications to the Linux kernel, as lots of system calls have to be modified to enforce the process group separation rules.

Re:OpenVZ/VServer versus hardware virutalization

[stedo (855834)]

Something like Xen or VMWare achieves this virtualization by simulating separate processors, memory, and I/O space hardware.

Erm, no. VMWare does this, but Xen doesn't.

The whole point of Xen was to get rid of the overhead involved in simulating a real processor. Instead, the Linux kernel was ported to Xen, almost as if it were a new chip architecture. Something like VMWare has to check for the kernel trying to manipulate I/O or do paging, and translate those instructions into what VMWare wants them to do. Si

IP Rights secure on this?

[blastard (816262)]

Has there been a serious investigation of potential patent claims against OpenVZ. This looks like a potentially hazardous inclusion.

If due diligence has been done, and no problems on the horizon, then that's great. Just would hate to have something like this included and have it open up another SCO-like situation. Recognizing that one is Copyright based, and the other would probably be Patent, and in particular US patent based.

Re:IP Rights secure on this?

[WhiteWolf666 (145211)]

License it under GPLv3 :)

Re:IP Rights secure on this?

[Nimey (114278)]

Dude, questions end with a "?", not a ".". It just looks bad and is bad English.

Xen

[chabotc (22496)]

Wasn't redhat doing a major Xen push too? Fedora Core 5 will include xen host and guest kernels plus xen3, and from what i heard their putting a major effort into getting that usable too.

Never bet on a single horse i guess?

Or am i missing something and are OpenVZ and Xen very different products? (doesn't sound like it)

Upside of Xen seems to be the ability to run *bsd and other OS's in guest domains too, no mention of this in OpenVZ

Re:Xen

[adamshelley (441935)]

From: the website [openvz.org]

Second technique: Para-Virtualized Machines. This technique also requires a VMM, but most of its work is performed in the Guest OS code, which in turn is modified to support this VMM and avoid unnecessary use of privileged instructions. The paravirtualization technique also enables running different OSs on a single server, but requires them to be ported. The paravirtualization approach is used by Xen, UML.

Third technique: Virtualization on the OS Level. Most applications running on

Re:Xen

[sakielnorn (946716)]

Or am i missing something and are OpenVZ and Xen very different products? (doesn't sound like it) Upside of Xen seems to be the ability to run *bsd and other OS's in guest domains too, no mention of this in OpenVZ

Essentially, Xen creates a new kernel for each virtual machine instance (or dom-u), while OpenVZ appears to use the same kernel instance for each virtual server. The latter approach seems to have benefits for performance and scalability, but if you discover a kernel bug in an OpenVZ server, all other instances are immediately susceptible, whereas with Xen, only the dom-u you are in is exploited (though if all instances are running the same kernel, you're up the creek). You'd generally need to be able to exploit the dom0 in order to affect all dom-u's.

Obviously, you're right about Xen supporting multiple OSes per instantiation versus OpenVZ.

Re:Xen

[Otter (3800)]

but if you discover a kernel bug in an OpenVZ server, all other instances are immediately susceptible, whereas with Xen, only the dom-u you are in is exploited (though if all instances are running the same kernel, you're up the creek).

Does anyone actually run Xen with multiple kernel versions on productions systems? It seems like an enormous source of work and trouble with very minimal return. It's not like the vulnerabilities and bugs in 2.6.n weren't almost all in 2.6.n-1 as well.

Re:Xen

[DShard (159067)]

but what if you wanted to run redhat WS 3+4 and debian sarge. the kernels there are not even close to being the same. Of course at this point it would be a big pain to even think about that, but after hardware virtualization gets in place its a no brainer.

Perspective

[kbahey (102895)]

SWSoft are the makers of Virtuozzo [wikipedia.org] a commercial product that allows hosting companies to offer Virtual Private Servers.

A rival technology is Xen [cam.ac.uk] from Cambridge University, which is free.

It's not that simple: everyone is following the $

[mattbee (17533)]

Xen has caused major shifts in business direction for commercial virtualisation companies: VMWare suddenly released their VMWare player [vmware.com] in part as an effort to make their "virtual machine file format" the standard one. Look they even want to support virtualisation standards [vmware.com] now! SWSoft kicked off OpenVZ for similar motivation: because Xen is a competing solution and (they gamble) that it is going to be better to give away a corresponding part of their "crown jewels" to get more of a market share.

Getting y

Galaxy

[msbsod (574856)]

Nice to see some progress in the Linux arena. But neither the quoted article nor the OpenVZ web site list too many alternative solutions. Here is one from another world (non-unix): OpenVMS [hp.com] Galaxy by Digital (now HP). Galaxy is part of OpenVMS, since more than half a decade.

http://h71000.www7.hp.com/wizard/wiz_3191.html [hp.com] (check the date - 1999!)
http://www.s-and-b.ru/syshlp/vms_html/6512/6512pro .html [s-and-b.ru] (an early online documentation, hosted by on a non-Digital/HP system)
http://h71000.www7.hp.com/availability/index.html [hp.com] (Lots of information about High Availability/Disaster Tolerance)

"All the world's a stage" or was it "All the galaxy's a stage?"
http://scifi.about.com/library/weekly/aa022800b.ht m [about.com]

Re:Galaxy

[oldmanmtn (33675)]

Here's an even more direct comparison: http://opensolaris.org/os/community/brandz/ [opensolaris.org]

This lets you run multiple Linux instances on top of Solaris.

Re:Galaxy

[neurojab (15737)]

Half a decade? Bah.
OS virtualization has been in common use since
1968 [wikipedia.org]!

Zones, Jails

[Craig Ringer (302899)]

BSD Jails, and Solairis zones, are two well-tested options in this area.

User Space Linux?

[molo (94384)]

How does this benefit over current inclusion of User Space Linux? Does it allow other operating systems a la VMware? Is it platform-agnostic? Any info?

-molo

Pros and cons

[countach (534280)]

So what are the pros and cons of Xen versus OpenVZ? My initial reaction is that Xen is the way to go because it is REALLY running different Linux instances. This is good because you can upgrade different instances to different OS versions. I know on those big Sun boxes with virtual environments its a pain in the butt because to upgrade the OS you have to upgrade a zillion applications at once to the new OS version which is a nightmare. But with real virtualisation with completely different kernels running y

Re:Pros and cons

[by Anonymous Coward]

They aren't quite the same thing. Xen is more useful in a number of situations, but requires multiple copies of the kernel to be running. Yes, in some instances it is an advantage (such as when developing kernel drivers, so that a panic/oops doesn't take down the entire system), but for hosting (which is what Virtuozzo is for), you want better resource usage. Unfortunately, OpenVZ doesn't include the filesystem driver, which gives much better resource sharing, but at least it still includes the per-VPS r

Virtuozzo and OpenVZ

[gantry (180560)]

Although Virtuozzo is "built on top of OpenVZ", is Virtuozzo's kernel component a publicly available version of OpenVZ, built without using any proprietary patches or modules?

http://openvz.org/documentation/tech/virtuozzo [openvz.org] states "Differently from OpenVZ, Virtuozzo(TM) is developed and designed to run production workloads in 24×7 environments ..."

and goes on to list, among Virtuozzo's advantages over OpenVZ:

"Higher VPS density. Virtuozzo(TM) provides efficient memory and file sharing mechanisms enabling higher VPS density and better performance of VPSs.

"Improved Stability, Scalability, and Performance. Virtuozzo(TM) is designed to run 24×7 environments with production workloads on hosts with up-to 32 CPUs."

Why should Linux accept a kernel patch if (unlike Linux itself) it is not designed to run 24×7 environments with production workloads on hosts with up-to 32 CPUs?

this has nothing on Solaris Zones

[by Anonymous Coward]

well this will probably run multiple kernels, but probably means multiple times the work and the administration headaches, with Solaris Zones [blogspot.com] you share the kernel, but you only need to administer one core install of the OS.

A base install of Solaris in a zone, uses just 100MB of harddisk space. And on modern hardware takes less than 15 minutes per zone to install. Of course if you use the latest and greatest Solaris Express releases, you can use ZFS+Zones [blogspot.com] to cut the size of each zone down to 50MB of

Pfft

[drix (4602)]

Real men use
# chroot /var/secure /vmlinux

non-graphical interface?

[egburr (141740)]

What I'd really like to know is if there will be some way for me to ssh in to my server and "press" the power button for a virtual machine and have it start up. Or, will it require that I be able to export my display before I can start it up? And would there be any way to remotely grab the console of an already active virtual machine?

Similar to...?

[ivoras (455934)]

Is this similar to FreeBSD jails http://www.freebsddiary.org/jail.php [freebsddiary.org] and Solaris Zones http://www.sun.com/bigadmin/content/zones/ [sun.com] or is it something new?

If it is, it's a good thing to have, though all that "commercial firm pitching a free version of their product into baseline kernel" thing sounds a bit dodgy.

Pund-IT?

[Mike Markley (9536)]

A Pund company name... awesome.

*waits for it*

The Linux devs should reject it's inclusion

[TheLink (130905)]

All the current x86 virtualization stuff is going to be out of date soon. It will be just adding kludges to the kernel to implement stuff that required by virtualization deficiencies in old x86 stuff. If you need those kludges, Xen should be enough.

This is because Intel and AMD are going to allow new and far more efficient ways of doing virtualization, with hardware assistance (lookup Intel Vanderpool and AMD Pacifica).

So, I don't see much long term gain for the effort for all the minuses.

You risk lower quality and increased maintenance costs. And you might also increase exposure to patent claims (but I bet IBM can smash anyone to pulp especially with virtualization patents).

You will still need developers to work on Vanderpool and Pacifica stuff, and I think you'd get better "bang for buck" with that (plus I think it will be a lot more fun).

Running Windows XP and Linux simultaneously

[RidiculousPie (774439)]

There are several ways to do this, with varying levels of stability and performance.

QEMU [bellard.free.fr] will run Linux, BSDs, and Windows, from either Windows or Linux.
Colinux [colinux.org] will run linux from Windows XP. I'm not sure what the latest Fedora Image for it is, but I run a 2.6 kernel based Gentoo build from XP frequently (for that nethack fix).

I'm not sure either is suitable, but i would recommend looking at them, as they are both interesting projects, if not immediately useful to you.

Re:Running Windows XP and Linux simultaneously

[Forbman (794277)]

CoLinux is pretty swank from within Windows.

You don't like nethack on Win32? That's how I get my nethack fix.

The only problems I have are getting networking to work right between the colinux environment and Windows. The instructions for it online in the colinux wiki suck.

Re:This is an idea I like

[glowworm (880177)]

From wikipedia "Whereas VMs attempt to virtualize "a complete set of hardware," VPSs represent a "lighter" abstraction, virtualing instead "an operating system instance." All VPSs run atop a single operating system kernel. The VPS mechanism multiplexes this one OS kernel to look like multiple OS (and server) instances, especially from the perspective of running applications, users, and network services.

You don't want a VPS, what you want is something to create a VM like VMWare. It creates seperate virtual

Re:This is an idea I like

[aevans (933829)]

You don't want a VPS.... but your hosting provider does, especially now that off the shelf hardware is so fast that under full load, if you divide the CPU by 10 or even 100 under lighter loads, your'e still I/O and network bound.

Re:This is an idea I like

[BrookHarty (9119)]

But, paravirtualization is faster than Virtual machines. Xensource booted windowsxp, but I never saw a downloadable product. Performance wise, you could get a large speed boost and run both WinXP and linux. If its true and OSX and XP Both are have xen packages, that will be some very interesting configurations this year.

Re:Top seller

[paulius_g (808556)]

You do realize that when you buy Red Hat Enterprise, you're actually paying for technical support.

RHE is based on CentOS (http://www.centos.org/ [centos.org] It's also my favorite distro for both desktops and servers! So go try it out.

Re:Top seller

[Burdell (228580)]

RHE is based on CentOS

You've got that backwards. CentOS takes the RHEL SRPMS released by Red Hat, rebuilds the binaries, and reassembles them into a distribution.

Re:OpenVZ?

[demon (1039)]

Other posts have covered it, but a quick summary:

OpenVZ is a subset of a commercial product called Virtuozzo. It provides "virtual private server" functionality similar to FreeBSD jail() or Solaris Zones, including a private virtual network stack, private process space, and such, to each instance. However, it all runs on top of a single (specially modified) Linux kernel. Its advantages are in easy resource sharing among instances - since everything is running under one kernel, resource sharing (disk, memory