Slashdot Mirror
OpenVZ Pushing for Linux Kernel Inclusion
RomanianClimber writes to tell us News.com is reporting that SWSoft is trying to get OpenVZ into the Linux kernel. OpenVZ is an operating system level server virtualization solution, built on Linux. From the article: "In
this, it has a major ally: Red Hat, the top seller of the open-source operating system, which plans to add the software to its free Fedora version of Linux for enthusiasts. The companies' move to make OpenVZ partitioning standard in Linux is timely, said Pund-IT analyst Charles King."
You can compile anything you want into the kernel.
If this becomes part of the official kernel, then it becomes the kernel maintainer's problem.
If Red Hat comiles it into their distro's kernel, it is Red Hat's problem to maintain.
So if I were the kernel maintainer, I would need a very compelling reason to take on the extra work.
Now, I've seen SW-Soft at work numerous reasons and I don't quite agree with their principles of development. Just check out their forums, they have an awesome community of people asking features in their higer end products and they never want to implement those. Instead, they're creating some kinds of "solution" to allow "lower TCO" and "easier management", at an extra cost of course. I've used their software, and it's quite buggy.
Now, Virtuozzo is one of their most awesome products, but I still don't feel right about having a company control over a piece of software embedded into a kernel. I have a chilly feeling about what they might do next and about what they're actually gaining by enabling this.
Just my two cents, I'm sure I'll get many replies of people disagreeing.
The hip way to get your IP. No ads, ever.
If you want something in there, then by god, put it in there. There's no huge patchwork system that affects everyone using linux when one company wants to change the underlying functioning. They can do it, and sell it if they can, while the rest of us can go happily on our way not using it.
Memory is like an orgasm. It's a lot better if you don't have to fake it. --Cray Seymore
Both Intel and AMD are releasing CPUs which support OS partitioning in hardware this year (2006). Does the OpenVZ project support or have plans to support these hardware features?
I am a viral sig. Please help me spread.
Has there been a serious investigation of potential patent claims against OpenVZ. This looks like a potentially hazardous inclusion.
If due diligence has been done, and no problems on the horizon, then that's great. Just would hate to have something like this included and have it open up another SCO-like situation. Recognizing that one is Copyright based, and the other would probably be Patent, and in particular US patent based.
Wasn't redhat doing a major Xen push too? Fedora Core 5 will include xen host and guest kernels plus xen3, and from what i heard their putting a major effort into getting that usable too.
Never bet on a single horse i guess?
Or am i missing something and are OpenVZ and Xen very different products? (doesn't sound like it)
Upside of Xen seems to be the ability to run *bsd and other OS's in guest domains too, no mention of this in OpenVZ
SWSoft are the makers of Virtuozzo a commercial product that allows hosting companies to offer Virtual Private Servers.
A rival technology is Xen from Cambridge University, which is free.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
Nice to see some progress in the Linux arena. But neither the quoted article nor the OpenVZ web site list too many alternative solutions. Here is one from another world (non-unix): OpenVMS Galaxy by Digital (now HP). Galaxy is part of OpenVMS, since more than half a decade.
o .html (an early online documentation, hosted by on a non-Digital/HP system)
t m
http://h71000.www7.hp.com/wizard/wiz_3191.html (check the date - 1999!)
http://www.s-and-b.ru/syshlp/vms_html/6512/6512pr
http://h71000.www7.hp.com/availability/index.html (Lots of information about High Availability/Disaster Tolerance)
"All the world's a stage" or was it "All the galaxy's a stage?"
http://scifi.about.com/library/weekly/aa022800b.h
There are several ways to do this, with varying levels of stability and performance.
QEMU will run Linux, BSDs, and Windows, from either Windows or Linux.
Colinux will run linux from Windows XP. I'm not sure what the latest Fedora Image for it is, but I run a 2.6 kernel based Gentoo build from XP frequently (for that nethack fix).
I'm not sure either is suitable, but i would recommend looking at them, as they are both interesting projects, if not immediately useful to you.
ah, mod points
From wikipedia "Whereas VMs attempt to virtualize "a complete set of hardware," VPSs represent a "lighter" abstraction, virtualing instead "an operating system instance." All VPSs run atop a single operating system kernel. The VPS mechanism multiplexes this one OS kernel to look like multiple OS (and server) instances, especially from the perspective of running applications, users, and network services.
You don't want a VPS, what you want is something to create a VM like VMWare. It creates seperate virtual machines allowing you to run (like I do) Gentoo and XP at the same time.
Orationem pulchram non habens, scribo ista linea in lingua Latina
You don't want a VPS.... but your hosting provider does, especially now that off the shelf hardware is so fast that under full load, if you divide the CPU by 10 or even 100 under lighter loads, your'e still I/O and network bound.
Although Virtuozzo is "built on top of OpenVZ", is Virtuozzo's kernel component a publicly available version of OpenVZ, built without using any proprietary patches or modules?
..."
http://openvz.org/documentation/tech/virtuozzo states "Differently from OpenVZ, Virtuozzo(TM) is developed and designed to run production workloads in 24×7 environments
and goes on to list, among Virtuozzo's advantages over OpenVZ:
"Higher VPS density. Virtuozzo(TM) provides efficient memory and file sharing mechanisms enabling higher VPS density and better performance of VPSs.
"Improved Stability, Scalability, and Performance. Virtuozzo(TM) is designed to run 24×7 environments with production workloads on hosts with up-to 32 CPUs."
Why should Linux accept a kernel patch if (unlike Linux itself) it is not designed to run 24×7 environments with production workloads on hosts with up-to 32 CPUs?
I've got to agree with the parent that there's no reason to fear companies putting software into the kernel. Lots of them do, and we're always encouraging companies to write open source drivers in the kernel.
What follows is purely speculation based on my feelings. Do not consider it to be factual, or make stock/software purchasing or sales decisions based on it. YMMV, IANAL, whatever.
The real problem I see, as an ex-swsoft customer, is that they really don't care as much about bugs or broken features as they do about marketing points. They made all sorts of claims about their software when they sold it to us, but many things weren't ready for nearly a year by which time we were forced to pay an additional "maintenance" fee if we really wanted to get those features. (or for that matter, any security updates) By then we were so dissatisfied with Virtuozzo and HSPC, we didn't bother paying for the upgrade. They also refused our requests for access to their source RPMs, even ones marked as being GPLed.
I've looked over their OpenVZ information already, to see if they are finally playing nice with the open source community, and the first thing I noticed is that they are refusing to release vzfs, which is required to get any decent performance/scalability with Virtuozzo. They're doing it for marketing reasons, i.e. they want people to view OpenVZ as something of a demo product before getting the "real" product, Virtuozzo. I believe they could easily release vzfs if they wanted to, but they recognize that their customer support (and programming quality) is such that nobody would willingly pay for it if they could get the software source code for free. Also, they'd probably quickly be cut out of development, because their code lacks the quality of that normally found in the linux kernel, and there are plenty of other people (eg vservers) who would take over.
If anyone really wants to get full Virtuozzo style resource sharing into linux, I suggest they start working on either XenFS or some vservers based copy-on-write filesystem. Without vzfs, OpenVZ is barely an improvement over vservers in that it supports "user beancounters", and it is barely an improvement over Xen in that it supports a shared kernel resources. If XenFS was functional, Xen would be a much superior product in terms of resource usage and security, at the very slight cost of an extra context switch for guest/host inter-kernel communications. If vservers had something equivalent to the UBC code, then (thanks to vservers unification) it would have all the functionality of Virtuozzo. The only thing missing in either case is commercial support, and I'm sure there would be people happy to offer that as well.
On the other hand, I'd be happy if they did release vzfs, not because I plan to use it, but because I think more choice is better. I'm not sure I'd want it in the kernel over Xen or vservers though.
OpenVZ doesn't care about processor virtualization features. OpenVZ (like VServer) is all about implementing a system like FreeBSD jails. In this model, there's only one kernel running, but different sets of processes are isolated from each other through operating system features. The separation applies to things like the 'ps' command and the /proc interface in general, as well as things like sockets and networking.
With OpenVZ/VServer, you can set up security and network separation so that certain processes will think of themselves as on 'internal-web-server', while others will think of themselves as 'external-web-server', and the two sets of processes would not be able to interact with each other in ways other than through the same kind of networking connections that they would use if they were on separate pieces of physical hardware.
Something like Xen or VMWare achieves this virtualization by simulating separate processors, memory, and I/O space hardware. OpenVZ/VServer doesn't incur this overhead, but does require much more significant modifications to the Linux kernel, as lots of system calls have to be modified to enforce the process group separation rules.
- jon
Ganymede, a GPL'ed metadirectory for UNIX
They aren't quite the same thing. Xen is more useful in a number of situations, but requires multiple copies of the kernel to be running. Yes, in some instances it is an advantage (such as when developing kernel drivers, so that a panic/oops doesn't take down the entire system), but for hosting (which is what Virtuozzo is for), you want better resource usage. Unfortunately, OpenVZ doesn't include the filesystem driver, which gives much better resource sharing, but at least it still includes the per-VPS resource limits (called ubc in OpenVZ).
With OpenVZ or vservers, a user could (in theory, I've never heard of it actually happening) take a remote user exploit, then if there is a local kernel exploit they could take control of (or at least crash) the entire machine. With Xen, it isn't possible for a VPS user to take control of the entire machine, even if there is a kernel exploit for the VPS kernel.
The bottom line is that, right now, OpenVZ provides a lot less isolation and a little more resource sharing than Xen, and a lot less resource sharing but a little more resource control than vservers. If XenFS is finished, then OpenVZ will provide a lot less isolation and a lot less resource sharing than Xen...
Something else to know about Xen is that although 2.x let you assign devices to a guest kernel, Xen 3.x does not allow that yet. That means you can't yet develop hardware drivers in Xen 3 guests (like you could under Xen 2.x) and you can't do things like run a MythTV backend or hardware accelerated graphics in Xen 3.x. Of course, OpenVZ can't do any of that anyway, but that's a really handy feature of Xen 2.x, and it is expected to eventually return to Xen 3.x.
You've got that backwards. CentOS takes the RHEL SRPMS released by Red Hat, rebuilds the binaries, and reassembles them into a distribution.
All the current x86 virtualization stuff is going to be out of date soon. It will be just adding kludges to the kernel to implement stuff that required by virtualization deficiencies in old x86 stuff. If you need those kludges, Xen should be enough.
This is because Intel and AMD are going to allow new and far more efficient ways of doing virtualization, with hardware assistance (lookup Intel Vanderpool and AMD Pacifica).
So, I don't see much long term gain for the effort for all the minuses.
You risk lower quality and increased maintenance costs. And you might also increase exposure to patent claims (but I bet IBM can smash anyone to pulp especially with virtualization patents).
You will still need developers to work on Vanderpool and Pacifica stuff, and I think you'd get better "bang for buck" with that (plus I think it will be a lot more fun).