Slashdot Mirror

← Back to Stories (view on slashdot.org)

Performance Evaluation of Xen Vs. OpenVZ

Posted by ryuzaki0 on from the price-to-pay dept.

An anonymous reader writes "Compared to an operating-system-level virtualization technology like OpenVZ, Xen — a hypervisor-level virtualization technology that allows multiple operating systems to be run with and without para-virtualization — trades off performance for much better isolation and security. OpenVZ's performance advantage due to running virtual containers in a single operating system kernel can be significant. A performance evaluation study (PDF) done by researchers at the University of Michigan and HP labs provides insight into how big a performance penalty Zen pays and what causes the overheads (primarily L2 cache misses)." From the report: "We compare both technologies with a base system in terms of application performance, resource consumption, scalability, low-level system metrics like cache misses and virtualization-specific metrics like Domain-0 consumption in Xen. Our experiments indicate that the average response time can increase by over 400% in Xen and only a modest 100% in OpenVZ as the number of application instances grows from one to four... A similar trend is observed in CPU consumptions of virtual containers."

32 of 116 comments (clear)

  1. Stop the press by general_boy · · Score: 3, Insightful

    [Xen]... "trades off performance for much better isolation and security."

    No kidding, that's why I use it! Xen's performance ain't so bad. Show me a better performing virtualization solution that matches or bests Xen's isolation security - then we'll talk.

    1. Re:Stop the press by jambarama · · Score: 4, Insightful

      Yeah but Xen is still a royal PITA to get running. KVM wasn't bad, and VMWare was pretty easy. I haven't even seen OpenVZ. Of the three I've tried, the ease of use was highly correlated to the product maturity. All three work, but IMHO VMWare is so far ahead it will take some time for Xen to be considered out of the hobbyist market and in the commercial one. I'm sure it'll get there, but to do what? Be a faster VMWare?

      So to sum, we've got OpenVZ, Virtualbox, KVM/Qemu, Xen, VMWare, Virtual Iron, and Virtuozzo. With so much virtualization software, I personally think performance takes a back seat to functionality (sure OpenVZ is fast, cool, what will it do for me that VMWare or Xen won't?). Is there really that much space in the virtualization landscape?

    2. Re:Stop the press by wertarbyte · · Score: 2, Interesting

      Yeah but Xen is still a royal PITA to get running.
      apt-get install xen-linux-system-2.6.18-4-xen-686 xen-create-image --hostname ........ done. Looks quite easy to me.
      --
      Life is just nature's way of keeping meat fresh.
    3. Re:Stop the press by Xouba · · Score: 4, Interesting

      Yeah but Xen is still a royal PITA to get running. KVM wasn't bad, and VMWare was pretty easy. I haven't even seen OpenVZ.

      Yes, Xen is harder to install. But to compare it with KVM ... did you try to use them? KVM (at least, last time I tried -- which was only a couple weeks ago) is still in development, and the performance is so low compared to Xen that it's not even funny.

      On the other hand, VMware is very nice, specially the free Server edition, and it's really easy to use. But even so, performance is better in Xen. Check this. Paravirtualization needs modified guests, but the outcome is so good that VMware is trying paravirtualization too.

      VMWare is so far ahead it will take some time for Xen to be considered out of the hobbyist market and in the commercial one

      What do you think is needed for Xen to be considered apt for commercial use? Remember that Xen can use unmodified guests if the hardware supports VTX/SVM instructions, which means that it can run Windows. Pretty front-ends? Xensource (which is slashdotted now, I guess, because it times out from here) offers one, and you also have Enomalism.

      Besides, by what Wikipedia says about OpenVZ, it seems to be more a solution like jails, because it uses the same kernel for both the host and the guest systems. The phrase "glorified chroot" comes to mind, though I'm aware that it's more than that (just adding it for the sake of trolling, I guess :-)). Xen, VMware and QEMU/KVM are, on the other hand, real virtualization solutions, where all the virtual system runs completely isolated.

      I wouldn't recommend Xen for home use (VMware Server is a better and easier option, IMHO), but saying that it's not ready and comparing it to QEMU/KVM is almost a joke.
      --
      My weblog in spanish
    4. Re:Stop the press by jaseuk · · Score: 3, Informative

      Virtuozzo/OpenVZ and VMWare have strengths in completely different areas.

      VMWARE is an excellent DR/BC solution due to complete virtual machine portability. However consolidation ratios (8:1 maybe) and performance are not that great, for consolidation you've probably only saved a few Us, but you have not really helped reduce the support burden, you'll still need lots of middleware / server management software to manage your estate. To actually get the most out of the DR/BC solution you also need an FC SAN and the complete Virtual Centre suite. If you've that kind of money to throw around then clearly you are in it for BC/DR purposes and VMWare is the right option. At this level you don't care if your consolidation ratios are 1:0.9 or worse.

      Virtuozzo/VZ on the other hand wins hands down for consolidation and management; you can easily fit 20-30 or more VPSes on a single server; and whatever the consolidation ratio the responsiveness will always be better than the same server under VMWare. However there are some drawbacks, Virtuozzo doesn't give you complete portability; you can only host Windows 2003 guest servers on a Windows 2003 hardware node for instance and you are unable to install device drivers. Adding a new VPS takes about as long and uses about as much resource as creating a new user on a system.

      I use both solutions; each definitely have their own place and couldn't be more different in their relative strengths.

      Jason

    5. Re:Stop the press by jaseuk · · Score: 2, Informative

      VMWARE consolidation tends to be limited by your overall system RAM. I can only assume that you are making very small RAM allocations (128M-192M?) or you have a large amount of physical RAM available (12-16GB?)

      Jason.

  2. KVM by QueePWNzor · · Score: 2, Insightful

    Kernel VM is based off QEMU -- but doesn't Xen have a similar hypervised Linux kernel. (I personally thought that may be why KVM was created -- to be a better Xen.) As I'll eventually upgrade to a Linux distro with KVM, I wonder if there are similarities in them -- or preferably if KVM could be fully tested and compared with these results.

  3. Looks like analyst talk by fred911 · · Score: 2, Funny

    " hypervisor-level virtualization technology that allows multiple operating systems to be run with and without para-virtualization "

      I don't know about you but it still makes my eyes hurt!

    --
    09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  4. Oblig. Nonsensical reference by jd · · Score: 5, Funny
    how big a performance penalty Zen pays

    Zen's performance issues were fixed by Avon, under Orac's guidance.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  5. Re:Looks like analyst talk by interiot · · Score: 3, Informative

    Hypervisor — the software that makes the virtualization happen... sometimes means virtualization that runs on bare-metal, rather than under a host OS.

    Paravirtualization — I think this just refers to the cases where the guest OS is modified/recompiled to run work without needing to run in Ring 0, and instead changes those to be explicit calls to the virtualization software.

    So translated, I think that means "virtualization software that runs on bare-metal, both using unmodified guest OS's, and modified guest OS's."

  6. Re:Looks like analyst talk by Jartan · · Score: 2, Insightful

    From reading the article on hypervisor it still seems ambiguous. It implies that a hypervisor is not exactly a VM but the actual detailed description makes it out to be a VM. Others seem to imply it means the VM is running as an OS basically.

    From everything I can see though the word is useless and it amounts to the equivalent of computer scientists being fussy. VM or VM OS are better choices.

  7. Both are good. by Blackknight · · Score: 4, Informative

    As somebody that actually has experience setting up and running virtualized systems (I work for a web hosting company) let me add my two cents here.

    OpenVZ is ok if all of your child environments run the same OS and you don't care about them stealing each other's resources. We constantly have problems with customers overloading their VPS and causing problems with the other environments, this doesn't happen with Xen. I've fork bombed child environments and caused the load to spike to over 700 until it crashed, dom0 and the rest of my domUs just kept running like nothing was even happening.

    OpenVZ also wins if you want to oversell hardware, Xen doesn't have "burstable" memory like OpenVZ does. Personally I prefer Xen for the jailing that it does and you can also run multiple OSes at the same time. I have a server at work that's running CentOS, Windows 2003, Windows Longhorn, and Gentoo all at the same time, OpenVZ only lets you run Linux on Linux.

    1. Re:Both are good. by flydpnkrtn · · Score: 5, Informative

      When you sit down and do your homework, and don't oversell as you said, OpenVZ gets the job done. I was looking for a good way of virtualizing a new server we were moving to and I've gotta say I can't see myself ever NOT installing a server in either an OpenVZ VE or a Xen domU ever again.... with OpenVZ you can give one VE (almost) all the resources of the hardware its running on, and when that one server outgrows that hardware doing a vzdump or vzmigrate is sooo easy.

      The big difference between Xen and OpenVZ comes down to what openvz calls "privvmpages" - memory that is claimed by running processes but not actually used.

      The example here is this: two OpenVZ virtual environments (VE) can be set up on a server with, say, 1 gig of ram, with a gig of swap underneath it (So, RAM+Swap equals 2 gigs).

      Those two virtual environments can be "oversold" in the amount of privvmpages they're allowed to use, because processes ask for more memory than they _actually use_ all the time. So let's say we give those two VEs 1.5 gigs of privvmpages (total of 3 gigs - more than RAM+Swap), but we only give them each 500 megs of oomguarpages. (less than RAM+Swap).

      The thing that _should never_ go over RAM+Swap is oomguarpages (out of memory guaranteed pages) - pages of memory that are guaranteed (OpenVZ measures some of its resources in pages and some in megs).

      With Xen, on that server I just described you're locked in - there's no bursting, and there's no dynamic allocation going on. You give one domU 750 megs of ram and you give the other domU 750. That's it.

      --
      Here's to the crazy ones
    2. Re:Both are good. by passthecrackpipe · · Score: 2, Insightful

      I've gotta say I can't see myself ever NOT installing a server in either an OpenVZ VE or a Xen domU ever again

      Remind me to never EVER hire you to do any work for me. Ever heard of "the right tool for the job"? I am a huge fan of virtualisation, and have been using it for years, VMWare mostly, but lately more and more with Xen. Given that Xen simply does not yet play nice with most of the lower cost hardware, and has several significant shortcomings in real-life enterprise production environments (running against a multihomed SAN is a not-so-distant nightmare), Xen still has some work left to do. Anyhow, I'm a huge fan of virtualisation, but there are plenty of workloads that simply do not work well virtualised, irrespective of the VM flavour du-jour you are using.

      Saying you will only ever use virtualised workloads is stupid, and unprofessional. -and no, the fact that you got [oracle,mysql,postgresql] to run in a VM does not mean its going to be anywhere near decent performance.

      --
      People who think they know everything are a great annoyance to those of us who do.
  8. Yes, but ... by Anonymous Coward · · Score: 4, Funny

    Does it run multiple instances of Linux?

    1. Re:Yes, but ... by TommydCat · · Score: 3, Funny

      Perhaps you can harness all of those multiple instances in a beowolf cluster.... Hmmmm!

      --
      This comment does not necessarily represent the views and opinions of the author.
  9. And... by coyote4til7 · · Score: 5, Insightful

    Nothing like a virtualization comparison that ignores the 800 guerilla that is VMWare. How do the learning curves, performance and security of these products compare with VMWare? Why should someone who is satisfied with VMWare consider other alternatives?

    --

    the clock on the wall says 4 til 7
    1. Re:And... by myowntrueself · · Score: 2, Interesting

      Why should someone who is satisfied with VMWare consider other alternatives?

      How should someone who is satisfied witn VMWare decide whether an alternative would be an improvement? When the license terms for VMWare prohibit any benchmarking its kind of hard to make a decision.

      --
      In the free world the media isn't government run; the government is media run.
    2. Re:And... by coyote4til7 · · Score: 4, Insightful

      Good point.

      Do I get a Karma bonus for conceding someone's point? ;-)

      --

      the clock on the wall says 4 til 7
    3. Re:And... by Chirs · · Score: 3, Informative


      This is a bit out of date, but here is some comparison between Xen, User Mode Linux, and Vmware 3.2 (which is the most recent version that allows publication of benchmarks).

      http://www.cl.cam.ac.uk/research/srg/netos/xen/per formance.html

      Xen is always faster than Vmware, with the exact amount varying depending on the specific load. They've all improved since then, of course.

  10. Xen vs VMware - personal experience by Anonymous Coward · · Score: 5, Informative

    Here are a few talking points based on my experiences with both Xen and VMWare (ESX Server & Workstation).

    1. Cost - no contest, xen wins hands down $0 vs $5000/cpu.
    2. Performance - xen wins noticably, i can get away with running 8 virtual machines with 1/4 the hardware that VMWare required for 6.
    3. Capabilities - VMware versions ESX GSX and up beat Xen in ease of use and flexibility, anything less and Xen wins. Xen does have a quicker live migration capability, but falls short on conencting external hardware to the virtual machine (something that is trivial in VMware).
    4. Stability - about even, maybe Xen. I've seen ESX crash once, and have never seen Xen crash.
    5. Ease of use - VMWare no question. Theres a learning curve to Xen and setting up new VM images is a pain. (which is disappearing) There are fantastic tools for VMware that will let you manage virtual machine creation and even migration from a physical box. (some of which can be used to feed xen too =))

    The bottom line. A Xen setup (using open source version) that can easily run 12 VMs costs about $2,000 on DIY hardware. A VMWare server/software combo to do the same? about $30,000. Assume an additional 40-80 hours of learning to get up to speed with Xen vs VMware.

    The comments above cover the open source / free version of Xen. I have no experience with the commercial Xen offerings.

    Personally i'm Xen biased due to cost.

    1. Re:Xen vs VMware - personal experience by Xouba · · Score: 2, Insightful

      Personally i'm Xen biased due to cost.

      I agree. Just a little addition: besides, VMware licenses are even more important when you want to scale. Say you want to use two quad boxes for load balancing, running VMware in each: that's about 8 x 5000 = $40000 in licenses (or $35000 if the first CPU is for free; I'm using your prices, but I knew about a similar project where VMware was decided against due to licensing costs too). You can buy more hardware with that money and train all your staff to understand and use Xen.

      --
      My weblog in spanish
    2. Re:Xen vs VMware - personal experience by phish · · Score: 2, Insightful



      There's one item you didnt list, though it might be folded under capabilities or ease of use...

      Manageability is a key item for these types of setups. As people being to depend more and more on virtualization technologies (whatever those might be) and roll out virtualized production environments, you have to figure out how to monitor and manage them. This is one area where VMWare currently has the upper hand, as Xen's management API has not yet been stabilized.

      The reason this is important is because with all the hype surrounding virtualization, people seem to be focused on 'getting virtualized' (server consolidation being the primary driver) rather than the consequences (application capacity issues, constant live migrations to keep things healthy, etc.).

      Manageability is a key stepping stone into the enterprise. Xen's made great strides recently (both in the open source form and in the commercial form), but there's a ton of work left to do on that end to catch up to VMWare.

      -javier
      http://www.hyperic.com/

    3. Re:Xen vs VMware - personal experience by Thumper_SVX · · Score: 2, Insightful

      You missed the biggest point for a corporation; Support. No corporation looking at virtualization (and let's get real; almost all of them are) is going to use Xen OR OpenVZ at this point because there's no single point of contact for support, and no support contracts.

      Quite simply, a corporation is going to buy VMWare Virtual Infrastructure. So the performance isn't as good? So what? Throw hardware at it. It works.

      We have a significant investment in VMWare VI3 where I work, and it's great. We run it on high-end highly scalable enterprise hardware (IBM) and it almost never dies. We lose guests occasionally because of Windows problems, but so far we have never lost a host machine, and they never go down except when we need to maintain or upgrade them.

      Last week we had a CPU die in one of our highly redundant, highly scalable boxes. Apart from the alert thrown up in MOM we practically didn't even notice the glitch. VI3 kept plugging along until we could roll the guests off to another host on the SAN and we took the box out after lunch, replaced the CPU and it was back in production within an hour. The business units who use the guests never even noticed the outage.

      Note though that to a corporation, the license cost is trivial for the security that if we had a host failure (software, not hardware) then there's one number to call; EMC/VMWare. Trawling the Usenet and Google Searches don't cut it from a Corporate perspective. And let's face it, Corporations are the primary target market for virtualization, not the consumer (at least today).

      As an aside, consumer level virtualization will happen soon, but it will be transparent to the user. It's probably going to be more akin to OpenVZ's "uber sandboxes" than VMWare but it will definitely happen in my opinion.

  11. Other VM options.. by tji · · Score: 2, Informative

    Linux has a lot of great VM options. VMware is a great free (cost) option, and KVM has become a great option very quickly. OpenVZ and VServer are interesting light weight OS "jail" virtualizations. They each have pros and cons, depending on your requirements and apps being used.

    I'm setting up my "next generation" home linux server, and looking into the virtualization options for that. Probably a bigger factor than performance is the setup and manageability. I have found Xen to be pretty primitive compared to VMWare.. setup is a pain, documentation is spotty, and support is minimal. The one advantage of Xen is that you can (and often must) do everything with it from the command-line. The GUI tools are weak at best.

    I am now leaning towards using VMWare server. But, I still need to do some testing with KVM.. articles I have read about it sound very impressive. KVM paravirtualization performance is supposed to be excellent. But, I don't know about management.

  12. Lousy virtualization, Happy users... by MavEtJu · · Score: 2, Informative

    Go the FreeBSD way!

    Lousy virtualization, Happy users: FreeBSD's jail(2) facility
    Source: UKUUG
    Tags: ukuug, presentation, freebsd, jails, poul-henning kamp
    Slides (2.7 Mb)
    Lousy virtualization, Happy users: FreeBSD's jail(2) facility by Poul-Henning Kamp (phk@FreeBSD.org)

    --
    bash$ :(){ :|:&};:
  13. It's not always about performance by cerberusss · · Score: 4, Informative

    It's not always about performance; Xen gets each their separate kernel. This means that special adjustments can be made for a virtual machine. Also, with Xen you could easily experiment with an upgraded kernel for the virtual machines, without rebooting the main (host) machine. Finally, I for myself like the fact that you have your 'own' kernel. It feels much more like a real machine. Especially with a bootloader like pygrub, which is employed in RedHat AS and CentOS, the kernel inside the virtual machine can even be upgraded by yum running inside the VM.

    Note that I'm not a Xen apologist, I'm not denying a performance hit here.

    --
    8 of 13 people found this answer helpful. Did you?
  14. Appples and oranges... by flyingfsck · · Score: 3, Interesting

    OpenVZ is somewhat like FreeBSD Jails. It provides some separation which makes it easier to manage multiple complex servers. For example, it makes sense to run a web server and mail server in two separate virtual machines, since it keeps the configuration independent.

    Xen, is like VmWare or Qemu and provides an independent virtual machine for each system. These systems can be anything at all: Windows, Linux, BSD, whatever.

    Performance wise, OpenVZ is bound to win, because it is a different solution to a different problem.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
  15. Hypervisor for both by gokalp · · Score: 2, Interesting

    We're using HyperVM from LxLabs http://www.lxlabs.com/ and it manages both OpenVZ and XEN. You can easily watch the performance penalties of both virtual machines from the same panel and migrate in between. So whenever someone abuses OpenVZ you can migrate it to XEN.

  16. Re:Yes, but does it run Linux\\\\\Windows ? by DrSkwid · · Score: 2, Informative

    qemu runs Win2k. My AMDX2 3800 runs it using kqemu. I happily use it for testing things in I.E. It seems about as fast as my PIII 1Ghz laptop, though I've never actually measured it.

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  17. Much better isolation and security? Hmm... by ovz_kir · · Score: 3, Interesting

    Xen trades off performance for much better isolation and security.

    I guess I have to correct you here. Xen trades off performance for an ability to run different kernels, and this has nothing to do with either isolation or security. So, Xen is good when you want to run different kernels (different OSs).

    OpenVZ, on the other hand, employs a single kernel model, which makes it suitable for you if you only want to run Linux (different distros are possible, different kernels are not). But in this very field OpenVZ is way better than Xen -- not only in terms of performance, but also scalability, manageability, density, and usability.

    Speaking of isolation and security, OpenVZ runs on thousands of ISP/HSP servers, and everyone can buy a VE (Virtual Environment) for about 10-15 bucks a month. There one have a root account and can try to exploit the system in all the possible ways. So far those HSPs are not out of business yet, that practically proves the system is secure and properly isolated. More to say, security comes from the constant care, and we (OpenVZ team) do care for security a lot, see this blog entry for some more details.

    --
    -- Kir Kolyshkin, OpenVZ project leader.
  18. Re:isolation and ease of use by ovz_kir · · Score: 2, Informative

    In fact, free OpenVZ has most of what you tell about VMware. Live migration is here, and it does not require to have a SAN or a dedicated NIC, or pay for vmotion. High availability with clustering can be set up (see here). And finally, you don't have to pay a performance penalty if you want virtualization.

    The commercial product based on OpenVZ (i.e. Virtuozzo) has all that plus web-based and gui management tools, P2V migration tools etc. etc.

    It also makes sense to point out that Xen also has a live migration feature, although I haven't tried it.

    --
    -- Kir Kolyshkin, OpenVZ project leader.