OpenVZ Pushing for Linux Kernel Inclusion 160
RomanianClimber writes to tell us News.com is reporting that SWSoft is trying to get OpenVZ into the Linux kernel. OpenVZ is an operating system level server virtualization solution, built on Linux. From the article: "In
this, it has a major ally: Red Hat, the top seller of the open-source operating system, which plans to add the software to its free Fedora version of Linux for enthusiasts. The companies' move to make OpenVZ partitioning standard in Linux is timely, said Pund-IT analyst Charles King."
Why is this needed? (Score:5, Insightful)
If this becomes part of the official kernel, then it becomes the kernel maintainer's problem.
If Red Hat comiles it into their distro's kernel, it is Red Hat's problem to maintain.
So if I were the kernel maintainer, I would need a very compelling reason to take on the extra work.
Re:Why is this needed? (Score:5, Insightful)
Re:Why is this needed? (Score:1)
It's also their responsability to reject worse coded patches. Linus is known to refuse patches - no matter how sexy the feature is - until they have the quality he wants to see.
Re:Why is this needed? (Score:2)
Kernel hacks that aren't part of Linus' kernel are a nightmare to maintain over time. At one point my machine had a PPTP hack, a hack for my HDTV card, and a hack for my video card. Upgrading kernels was a nightmare.
A project isn't complete until it is easily usable by the major distros (debian especially). This means getting into the kernel, or X, or whatever projects are affected. Not easy sometimes unfortunately.
Re:Why is this needed? (Score:5, Interesting)
2: Not just pay for but work with. This is the reason Xen has never really gotten into vanilla, even though it is supported directly by IBM, Intel and AMD.
Re:Why is this needed? (Score:2)
Best one-word argument I've seen in a while... if I had mod points right now...
Anyone worried? (Score:5, Insightful)
Now, Virtuozzo is one of their most awesome products, but I still don't feel right about having a company control over a piece of software embedded into a kernel. I have a chilly feeling about what they might do next and about what they're actually gaining by enabling this.
Just my two cents, I'm sure I'll get many replies of people disagreeing.
Re:Anyone worried? (Score:2)
Re:Anyone worried? (Score:3, Interesting)
Despite doubling the amount of available memory to everyone as a sweetner* it ran like a dog.. it was *really* slow - about half the speed of the UML solution. Sure it was pretty, but it spent most of its time spitting out 'out of resources' errors, and would randomly terminate applications - quite often the ssh server, meaning you had to keep rebooting... After 24 hours of almos
Re:Anyone worried? (Score:2)
That doesn't sound likely, since the GP stated the memory allocated was doubled. Or perhaps you are saying that Virtuozzo is not designed to support as many concurrent VPSs as UML on the same machine?
That would mean Virtuozzo is very poor, because UML is a major resource hog, and is not designed to be particularly efficient. In theory, partitioning software should be the most efficient possible way to create "virtual root jails".
Re:Anyone worried? (Score:5, Insightful)
If Linus merges it into his tree, then how are they the ones that control it? If Redhat merge it into their tree, then how are they the ones that control it?
The whole point of Free Software is that the user is the one in control, not whoever happens to hold the copyright.
You do realise that other companies have lots of code in the kernel already, don't you? This is by no means the first company to push to have their code included in the kernel. SGI contributed XFS. IBM contributed JFS. Namesys contributed ReiserFS and are currently pushing to have Reiser4 included.
Some pretty decent reasons for this off the top of my head are:
Why the FUD?
No worries about companies, just about quality... (Score:3, Informative)
What follows is purely speculation based on my feelings. Do not consider it to be factual, or make stock/software purchasing or sales decisions based on it. YMMV, IANAL, whatever.
The real problem I see, as an ex-swsoft customer, is that they really don't care as much about bugs or broken features as t
Re:Anyone worried? (Score:2)
Going wildly offtopic for a moment, that may be the *intention*, but it's not generally the case. In practice, if the user is a developer who is skilled in the relevant area, then they are in control - they can hack bits in and/or out to their heart's content.
Where the user is not skilled in the appropriate area, or is semi- or non-technical, they have no more control than they do with any other OS. They can tweak settings here and there
Re:Anyone worried? (Score:2)
Re:Anyone worried? (Score:1)
Not only that, but they sometimes actively prevent interested people from buying their products. I'm in a company that is placed three hour drive from Munchen and one hour from Venice, and they insist we do business with them through their Moscow office... Because they think Moscow is somehow closer to me. Three timezones of difference and the only link being 4 hour flight from Frankfurt/Main are somehow closer than 30 minute plane flight to Frankfurt/M. Strange though, that they didn't recommend Novosibir
That's the beauty of OSS (Score:3, Interesting)
Re:That's the beauty of OSS (Score:1)
It'll more than likely end up as one of those "If you don't know what this is, you don't need it" features.
Memory is like an... (Score:4, Funny)
Re:Memory is like an... (Score:2)
Re:Memory is like an... (Score:5, Funny)
He didn't miss a comma, he just faked it.
Hardware support? (Score:5, Insightful)
Re:Hardware support? (Score:2)
Re:Hardware support? (Score:2)
OpenVZ/VServer versus hardware virutalization (Score:5, Informative)
OpenVZ doesn't care about processor virtualization features. OpenVZ (like VServer) is all about implementing a system like FreeBSD jails. In this model, there's only one kernel running, but different sets of processes are isolated from each other through operating system features. The separation applies to things like the 'ps' command and the /proc interface in general, as well as things like sockets and networking.
With OpenVZ/VServer, you can set up security and network separation so that certain processes will think of themselves as on 'internal-web-server', while others will think of themselves as 'external-web-server', and the two sets of processes would not be able to interact with each other in ways other than through the same kind of networking connections that they would use if they were on separate pieces of physical hardware.
Something like Xen or VMWare achieves this virtualization by simulating separate processors, memory, and I/O space hardware. OpenVZ/VServer doesn't incur this overhead, but does require much more significant modifications to the Linux kernel, as lots of system calls have to be modified to enforce the process group separation rules.
Re:OpenVZ/VServer versus hardware virutalization (Score:3, Informative)
Erm, no. VMWare does this, but Xen doesn't.
The whole point of Xen was to get rid of the overhead involved in simulating a real processor. Instead, the Linux kernel was ported to Xen, almost as if it were a new chip architecture. Something like VMWare has to check for the kernel trying to manipulate I/O or do paging, and translate those instructions into what VMWare wants them to do. Si
Re:OpenVZ/VServer versus hardware virutalization (Score:2)
Yes, of course. If you read what I said, though, I didn't contradict that.
Just because Xen doesn't simulate a x86 processor doesn't mean that it doesn't simulate a processor. The processor that Xen simulates is a Xen-x86 processor, in which the only processor functions that have to be emulated are ones that are not virtualizable without Intel and AMD's upcoming virtualization ISA modifications, "Intel Virtualization Technology/Vanderpool", and "Pacifica".
But the kernel does boot and exceute on top of
Re:Pros and cons (Score:2)
In particular, Xan has an advantage that different operating systems can run concurrently.
If you want Linux, and only Linux, then OpenVZ/Vserver might be a better solution. But if the single kernel crashes, all of the isolated virtualized sets of processes also crash. Under Xen, if one kernel crashed, the other kernel's (which might even be a different OS) are less likely to be affected.
OpenVZ/V
Re:Pros and cons (Score:2)
Xen uses Bridge interfaces in the Dom0 operating system host.
Re:Hardware support? (Score:2)
IP Rights secure on this? (Score:3, Interesting)
If due diligence has been done, and no problems on the horizon, then that's great. Just would hate to have something like this included and have it open up another SCO-like situation. Recognizing that one is Copyright based, and the other would probably be Patent, and in particular US patent based.
Re:IP Rights secure on this? (Score:2)
Re:IP Rights secure on this? (Score:4, Funny)
Re:IP Rights secure on this? (Score:2, Funny)
Re:IP Rights secure on this? (Score:1)
Re:IP Rights secure on this? (Score:2)
You're right, it would seem that this would be the sort of thing that the software patenters would have been all over, but you can't patent something if there's prior art, and there was a lot of prior art in virtualization way before software patents were ever granted in this country.
If things like VServer and OpenVZ violate patents, I'd expect that the FreeBSD 5 Jail system would as well, and I've not heard of any patent action against the FreeBSD folks on this ground.
I can understand one thing (Score:1)
If its anything more then that then yeah, they'll get told to bugger off (and so they should).
BTW i didnt RTFA on this one
Xen (Score:5, Interesting)
Never bet on a single horse i guess?
Or am i missing something and are OpenVZ and Xen very different products? (doesn't sound like it)
Upside of Xen seems to be the ability to run *bsd and other OS's in guest domains too, no mention of this in OpenVZ
Re:Xen (Score:3, Informative)
Second technique: Para-Virtualized Machines. This technique also requires a VMM, but most of its work is performed in the Guest OS code, which in turn is modified to support this VMM and avoid unnecessary use of privileged instructions. The paravirtualization technique also enables running different OSs on a single server, but requires them to be ported. The paravirtualization approach is used by Xen, UML.
Third technique: Virtualization on the OS Level. Most applications running on
Re:Xen (Score:5, Insightful)
Essentially, Xen creates a new kernel for each virtual machine instance (or dom-u), while OpenVZ appears to use the same kernel instance for each virtual server. The latter approach seems to have benefits for performance and scalability, but if you discover a kernel bug in an OpenVZ server, all other instances are immediately susceptible, whereas with Xen, only the dom-u you are in is exploited (though if all instances are running the same kernel, you're up the creek). You'd generally need to be able to exploit the dom0 in order to affect all dom-u's.
Obviously, you're right about Xen supporting multiple OSes per instantiation versus OpenVZ.
Re:Xen (Score:2)
Does anyone actually run Xen with multiple kernel versions on productions systems? It seems like an enormous source of work and trouble with very minimal return. It's not like the vulnerabilities and bugs in 2.6.n weren't almost all in 2.6.n-1 as well.
Re:Xen (Score:2)
Re:Xen (Score:2)
They have similar goals, but they're pretty different technically. For example, with Xen you have to partition the memory space quite rigidly - each virtual machine gets 128MB or whatever. They can't borrow from others memory that's not being used. So if you look at a Xen-based virtualization provider like RimuHosting [rimuhosting.com], you'll see that their highest virtualized configuration gives you 320MB of memory. If you lo
Re:Xen (Score:2)
Yes, they are very different things. OpenVZ is more like BSD Jails or Solaris Zones (aka Solaris Containers). Xen is more like mainframe virtualization and very roughly like VMware (though not as useful).
OpenVZ is probably faster because kernel resources are shared. Xen permits different kernels or even different operating systems to run at the same time. OpenVZ will scale to a larger number of simultane
Re:Xen (Score:2)
Re:Xen (Score:1)
This is an idea I like (Score:1)
Running Windows XP and Linux simultaneously (Score:4, Informative)
QEMU [bellard.free.fr] will run Linux, BSDs, and Windows, from either Windows or Linux.
Colinux [colinux.org] will run linux from Windows XP. I'm not sure what the latest Fedora Image for it is, but I run a 2.6 kernel based Gentoo build from XP frequently (for that nethack fix).
I'm not sure either is suitable, but i would recommend looking at them, as they are both interesting projects, if not immediately useful to you.
Re:Running Windows XP and Linux simultaneously (Score:2)
You don't like nethack on Win32? That's how I get my nethack fix.
The only problems I have are getting networking to work right between the colinux environment and Windows. The instructions for it online in the colinux wiki suck.
Re:This is an idea I like (Score:3, Informative)
You don't want a VPS, what you want is something to create a VM like VMWare. It creates seperate virtual
Re:This is an idea I like (Score:5, Interesting)
Re:This is an idea I like (Score:2)
Yes you do - you just don't know it yet.
I've been using FreeBSD jails (similar idea) for a few years, and that kind of virtualization is a great way to isolate potential security exploits from the rest of the system. Want to try a binary-only application? Fire it up inside a jail. Need to run some PHP app with a sketchy track record? Host it on a jailed Apache server.
Many of us are starting to use jails where we would have used chroot a few years ago. I know I'm hopelessly gee
Re:This is an idea I like (Score:2)
Re:This is an idea I like (Score:2)
Perspective (Score:5, Informative)
A rival technology is Xen [cam.ac.uk] from Cambridge University, which is free.
It's not that simple: everyone is following the $ (Score:3, Insightful)
Getting y
Galaxy (Score:5, Interesting)
http://h71000.www7.hp.com/wizard/wiz_3191.html [hp.com] (check the date - 1999!)
http://www.s-and-b.ru/syshlp/vms_html/6512/6512pr
http://h71000.www7.hp.com/availability/index.html [hp.com] (Lots of information about High Availability/Disaster Tolerance)
"All the world's a stage" or was it "All the galaxy's a stage?"
http://scifi.about.com/library/weekly/aa022800b.h
Re:Galaxy (Score:2)
This lets you run multiple Linux instances on top of Solaris.
Re:Galaxy (Score:2)
OS virtualization has been in common use since
1968 [wikipedia.org]!
Re:Galaxy (Score:1)
Zones, Jails (Score:2)
User Space Linux? (Score:2, Insightful)
-molo
Re:User Space Linux? (Score:2, Informative)
In short, OpenVZ uses the single-kernel virtualization approach, which differs from either VMware or Xen: instead of trying to emulate something, kernel is modified to support multiple isolated environments, so each such environment looks-and-feels like a separate server. Good things about it is (1) best possible performance (no to little performance overhead due) and (2) hardware resources (CPU, RAM etc.) are contr
Pros and cons (Score:2, Informative)
Re:Pros and cons (Score:3, Informative)
Re:Pros and cons (Score:1, Interesting)
Re:Pros and cons (Score:2)
It depends on what you're trying to accomplish. If you want to host full-blown virtual machines, each with their own static resources, then Xen is great.
If you're only trying to isolate one specific application, though, and you're not sure how much memory, disk, or CPU to allocate to it, then the style of virtualization that OpenVZ (among others) uses may be exactly what you needed.
Virtuozzo and OpenVZ (Score:5, Informative)
http://openvz.org/documentation/tech/virtuozzo [openvz.org] states "Differently from OpenVZ, Virtuozzo(TM) is developed and designed to run production workloads in 24×7 environments
and goes on to list, among Virtuozzo's advantages over OpenVZ:
"Higher VPS density. Virtuozzo(TM) provides efficient memory and file sharing mechanisms enabling higher VPS density and better performance of VPSs.
"Improved Stability, Scalability, and Performance. Virtuozzo(TM) is designed to run 24×7 environments with production workloads on hosts with up-to 32 CPUs."
Why should Linux accept a kernel patch if (unlike Linux itself) it is not designed to run 24×7 environments with production workloads on hosts with up-to 32 CPUs?
Re:Virtuozzo and OpenVZ (Score:2)
this has nothing on Solaris Zones (Score:2, Interesting)
A base install of Solaris in a zone, uses just 100MB of harddisk space. And on modern hardware takes less than 15 minutes per zone to install. Of course if you use the latest and greatest Solaris Express releases, you can use ZFS+Zones [blogspot.com] to cut the size of each zone down to 50MB of
Re:this has nothing on Solaris Zones (Score:2)
As far as Solaris Zone setup time, I have my own scripts that already set up a new Xen domain in a matter of a couple minutes from scratch for several Linux distributions - Sun's hardly doing anything earth-shaking there...
Arg! (Score:1)
Pfft (Score:2)
# chroot
non-graphical interface? (Score:3, Interesting)
Re:non-graphical interface? (Score:1)
You can work around this requirement using the X Virtual Frame Buffer (Xvfb). Install Xvfb and the associated xvfb-run script (google it if it is not part of your distro - it comes with Debian but can be downloaded separately).
Then run vmplayer/workstation thus:
xvfb-run
Your VM will start in a virtual display, and run for as long as that
Re:non-graphical interface? (Score:1, Informative)
Similar to...? (Score:2)
If it is, it's a good thing to have, though all that "commercial firm pitching a free version of their product into baseline kernel" thing sounds a bit dodgy.
Pund-IT? (Score:2)
*waits for it*
Great 1 more failed comedian turned marketing exec (Score:1)
Seriously, when he's got some sort of reputation, does he expect people to introduce him as a "Pund-IT Analyst"? Lame
xen is king (Score:2)
VZ is not quite the same... but I agree. (Score:2)
VPSes like OS/2? (Score:2)
idea... (Score:2)
Xen ? (Score:1)
Re:Xen ? (Score:2)
Re:Xen ? (Score:2)
The Linux devs should reject it's inclusion (Score:5, Informative)
This is because Intel and AMD are going to allow new and far more efficient ways of doing virtualization, with hardware assistance (lookup Intel Vanderpool and AMD Pacifica).
So, I don't see much long term gain for the effort for all the minuses.
You risk lower quality and increased maintenance costs. And you might also increase exposure to patent claims (but I bet IBM can smash anyone to pulp especially with virtualization patents).
You will still need developers to work on Vanderpool and Pacifica stuff, and I think you'd get better "bang for buck" with that (plus I think it will be a lot more fun).
Re:The Linux devs should reject it's inclusion (Score:1)
Pardon me sir and nothing personal, but I don't give a SHIT about maintenance costs...
Since when do you people care so much about maintenance costs? That Raymond-dude really got into your brains didn't he?
If it's fun to use and doesn't break other things, put it in the god-damn kernel
And let the blood-sucking companies care or not about costs
Where's your hacker spirits for christ's sakes??
Re:The Linux devs should reject it's inclusion (Score:2)
The Xen approach is more generalised than OpenVZ and they have already expressed their interest in supporting true VM supporting hardware like the AMD Pacifica. They also have the concept of being able to checkpoint and move VMs between machines. Th
This would be a REALLY REALLY bad choice. (Score:2, Insightful)
Two really big problems I see are these two.
1) There is many other virtual server projects which do the same thing as OpenVZ. If one is included into the kernel, and the others conflict with eachtother over that, that's really going to complicate the linux world.
2) Multi
Re:This would be a REALLY REALLY bad choice. (Score:2)
I may be completely off-base here, but do you by any chance have a massively inflated sense of your own importance?
Re:This would be a REALLY REALLY bad choice. (Score:2)
For what its worth, reading the other posts on this topic does suggest that OpenVZ is a good thing to have, and would not interfere with other virtualisation systems - OpenVZ is more about process separation than true virtualisation anyway
Re:This would be a REALLY REALLY bad choice. (Score:1)
If you knew anything about the linux kernel and how these virtualization patches work you would have understood my statement. It is perhaps not me who "doesn't know what he's talking about", but it is you with the limited knowledge of how these work.
For these virtualization patches to work on a kernel, they have to modify key features and code of the kernel. If you had looked into what your
Re:This would be a REALLY REALLY bad choice. (Score:1)
5 (euro)cents worth... (Score:1)
This shouldn't be in the kernel.
-/Most end-users won't care about this technology. For them, Hypervisor is more of interest (whoa! no more dual booting, dude!!)
-/The functionality is more relevant to businesses who have no issue with custom kernels.....but then why not go for something supported/enterprise-grade?
-/It's the crappy freeware version intended to sell the upscale enterprise version. Why put something intentionally crippled in the kernel?
-/ There are sev
VZ hosting products are interesting (Score:2)
It is like colocation but less expensive. You share cpu & disk with other servers, but it is easier to maintain than a complete dedicated server.
OpenVZ versus Zen versus User-mode Linux versus... (Score:2)
(I still miss running dosemu... that was fun...)
Re:Top seller (Score:2)
RHE is based on CentOS (http://www.centos.org/ [centos.org] It's also my favorite distro for both desktops and servers! So go try it out.
Re:Top seller (Score:5, Informative)
You've got that backwards. CentOS takes the RHEL SRPMS released by Red Hat, rebuilds the binaries, and reassembles them into a distribution.
Re:OpenVZ? (Score:3, Informative)
OpenVZ is a subset of a commercial product called Virtuozzo. It provides "virtual private server" functionality similar to FreeBSD jail() or Solaris Zones, including a private virtual network stack, private process space, and such, to each instance. However, it all runs on top of a single (specially modified) Linux kernel. Its advantages are in easy resource sharing among instances - since everything is running under one kernel, resource sharing (disk, memory
Re:OpenVZ? (Score:2)