Linux Gains Two New Virtualization Solutions
An anonymous reader writes "The upcoming 2.6.23 kernel has gained two new virtualization solutions. According to KernelTrap, both Xen and lguest have been merged into the mainline kernel. These two virtualization solutions join the already merged KVM, offering Linux multiple ways to run multiple virtual machines each running their own OS."
FYI, Xen hasn't required VT since the beginning either. The only problem was you needed a specially patched kernel because Linus didn't like how Xen implemented their hooks into the stock kernels. It looks like that has been resolved however.
A number of reasons. One is to be able to run different linux distros on the same machine for testing purposes. Another is to set up two completely different environments that run tasks at different times.
I used to work for a search engine company (not Google) that has thousands of Linux servers. After doing a bit of research they discovered that the vast majority of these machines are idle for a good amount of time. Rather than buy new servers they simply installed Xen and intelligently divided up the physical hardware to perform their different tasks. Now instead of separate physical servers to do web spidering, data analysis, log processing, etc. they've combined these tasks onto the same physical hardware but kept them as individual virtual servers.
Which is why I mentioned file systems...
That said, you mentioned KVM.. KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V). (from here). It *is* a hardware driver.
How we know is more important than what we know.
VMware by default bridges your network interface into the VM. Wireless drivers have such poor support for network bridging that this almost never works. It especially doesn't work with WPA or any such.
If you NAT your VM network traffic, then things work (well sorta, with all the nastiness that NAT comes with).
It's a big help for software developers needing to support multiple platforms/versions. At my company we provide support for the past 5 or 6 versions of our software, so I have a VM for each version that I fire up when I need to check something or patch a bug. Lots easier than dealing with multiple physical machines.
"The best argument against democracy is a five minute chat with the average voter."
--Winston Churchill
For one, they all fill different needs.
KVM allows you to virtualize any PC OS, as long as you have a VT CPU. lguest allows you to run another copy of Linux. Xen sits somewhere in the middle - you can run any Xen-compatible OS, not just Linux, but you can also run normal OSes if you have a VT CPU.
Xen is hardly lightweight. It's really suitable for servers, but it's too intrusive for general use. KVM and lguest, on the other hand, are pretty unintrusive, don't radically change the system, and can simply be used by regular applications. And their functionality doesn't really overlap.
Users will never see them anyway. Now they're part of the kernel, users will just see a program that makes use of them.
I have an Atheros chipset wireless card which requires binary drivers to work. It does not work with VMware.
This is the Ubuntu bug report (note the length and number of duplicates) which actually breaks apt on installation, but it's not Ubuntu specific; you can't configure it manually with this wireless card either. The only solution is to disable networking virtualization, which means I can't even have VMware use my wired connection unless I disable the wireless card entirely or physically remove it from my system.
Was I seriously modded down for that? Mods, what the hell?
It's not the same solution because lguest and KVM have different goals. While KVM is trying to use as much hardware virtualization support as possible to gain full speed, lguest is not using these functions to run on more hardware. XEN tries to do everything and is thus a bit more bloated, but also with more functionality. Choice is good, just take the solution which fits your requirements best.
Yes. Thing is, bare x86 metal can do virtualization.. you just gotta be creative. There's a lot of ways to do it, utilizing different parts of the hardware. So there's some solutions that work great for some things and some solutions that work great for others. It's like having two drivers for the same bit of hardware and choosing which one to use based on how you're using the device.
:)
Then there's para-virtualization: modifying the kernel of the guest OS so you don't even need anything in the kernel. Well, sometimes kernel support can help para-virtualization.
How we know is more important than what we know.
IDE is not a bus, don't confuse this with ATA (more recently SATA and PATA). IDE == Integrated Drive Electronics.
How we know is more important than what we know.
No. But if/when there is ever an open source nvidia kernel driver with 3d support that isn't completely broken and is integrated into the kernel, you might see some people take an interest in virtualizing it.
Probably the first thing they'll do is make it so X running in a virtual machine can share the same DRM (Direct Rendering Module) as X running on the host. Of course, that's not much good to a Windows guest.
How we know is more important than what we know.
I have vmware installed and use it on a regular basis. Here's what for:
I've talked about it elsewhere, but I also envision a system using UML (or now, lguest) to separate servers (or groups thereof) away from the main system to reduce security risks. It would let you use SELinux with a fairly restrictive policy on your controlling system, and if one of the subsystems is compromised it could easily be discarded and rebuilt.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Each of Xen, KVM, lguest, and UML can be considered virtualization products but they are all vastly different. Below I describe each of these products in relation to their inclusion to the Linux kernel.
Xen - the Linux kernel supports code allowing it to be run as a guest underneath the Xen kernel, all through software. Linux's support for Xen does not make Linux a virtualization platform, only a GUEST for the Xen kernel which sits at Ring-0. (though a "dom0" Linux system can interact intimately with the Xen kernel, it actually sits at Ring-1). I should note that the Xen kernel also supports hardware virtualized domains, though this is unrelated to the patches to Linux.
KVM - the Linux kernel supports virtualization of guests through hardware extensions, this requires supported hardware. Linux becomes the Ring-0 kernel.
lguest - (my understanding is) an unmodified Linux kernel can act as a hyper-supervisor through loading Linux kernels as modules. Linux sits as both Ring-0 (supervisor) and Ring-1 (guests). This is experimental with limited features and only supports Linux guests.
UML - the Linux kernel becomes a userspace program. This allows Linux to run as an executable application/program. With UML, Linux can be compiled for a Linux or Microsoft Windows target. The executing OS sits at Ring-0 and the UML program sits at Ring-1. This has the advantage of requiring no modifications to the host OS and is very portable (you could email an entire Linux system to a friend without requiring anything installed to their system), but the disadvantage of poor performance.
From a high-level, the products UML, Xen, and lguest are actually very similar in function. They act as architectures to which Linux can be compiled in order to make it a guest OS of another Ring-0 kernel. These architectures provide the targets of a kernel module (lguest), a userspace program (UML), or a xen-domU guest (Xen). On the other hand, KML is the only patch that is intended to add support to Linux to act as a Ring-0 kernel on behalf of guest systems -- and even then, KML can be viewed more as a hardware driver for the processor extensions.
ATA is just a new name for IDE. PATA is a backronym used to distinguish "old" ATA from Serial ATA. As I'm at it, ATAPI stands for "ATA Packet Interface" and is a sub-set of SCSI over ATA.
These aren't even close to the same solution. KVM provides hardware-assisted virtualization, with Linux as the hypervisor. Lguest provides linux-in-linux paravirtualization (no hardware support), and is extremely lightweight (5000 lines of code, total), but lacks many advanced features. Xen provides both paravirtualization and full virtualization, runs under a custom hypervisor intended to run multiple different OSes (Linux, Solaris, Windows, etc.) simultaneously, and has a plethora of sophisticated features, such as live migration (and all the maintenance headache of the correspondingly huge codebase).
They each fill very different niches, so there are very good reasons for having all 3 in the kernel.
There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
You mean Lguest? FTA:
Lguest doesn't do full virtualization: it only runs a Linux kernel with lguest support.
So the answer is no, Lguest does not run Windows. Xen runs Windows, but only if you have a VT-capable processor. Like Lguest, Xen can run Linux without a VT-capable processor.
It'll only increase the kernel footprint IF you compile them into the kernel, and they won't be enabled by default.
Only if enabled in the distribution. It doesn't harm anyone to have it available in the kernel source tarball. And both KVM and Lguest are implemented as modules, so if you don't load them, they aren't there.
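Added example, not part of the thread: a small host audit that follows the points made above (KVM needs the Intel VT or AMD-V CPU flag, and the hypervisor code is only present when its module is loaded). The function names are hypothetical, the sample files are constructed, and the module names `kvm`, `kvm_intel`, `kvm_amd` and `lg` (lguest) are assumed to appear as shown in `/proc/modules`.

```shell
#!/bin/sh
# Added example: report hardware-virtualization support and which
# hypervisor modules are loaded, from cpuinfo/modules-format files.

# Print "vmx" (Intel VT), "svm" (AMD-V) or "none" for a cpuinfo-format file.
# The flag only shows CPU capability; firmware can still disable the feature.
hw_virt_flag() {
    awk -F: '
        $1 ~ /^flags[ \t]*$/ {
            n = split($2, f, " ")
            for (i = 1; i <= n; i++)
                if (f[i] == "vmx" || f[i] == "svm") { print f[i]; found = 1; exit }
        }
        END { if (!found) print "none" }
    ' "$1"
}

# Print the hypervisor-related modules found in a /proc/modules-format file,
# sorted and space-separated (empty output when none are loaded).
loaded_virt_modules() {
    awk '$1 == "kvm" || $1 == "kvm_intel" || $1 == "kvm_amd" || $1 == "lg" { print $1 }' "$1" \
        | LC_ALL=C sort | paste -sd ' ' -
}

# One-line summary: can KVM be used here, and what is already in the kernel?
virt_report() {
    flag=$(hw_virt_flag "$1")
    mods=$(loaded_virt_modules "$2")
    usable=yes
    [ "$flag" = "none" ] && usable=no
    echo "hw_virt=$flag kvm_usable=$usable loaded=${mods:-none}"
}

# Constructed sample inputs (not captured from a real host).
tmp=$(mktemp -d)
cat > "$tmp/cpuinfo" <<'EOF'
processor : 0
model name : Example CPU (constructed)
flags : fpu vme de pse tsc msr pae mce cx8 apic sep vmx est tm2
EOF
cat > "$tmp/modules" <<'EOF'
kvm_intel 20000 0 - Live 0xf8a00000
kvm 60000 1 kvm_intel, Live 0xf8900000
ext3 120000 1 - Live 0xf8800000
EOF
virt_report "$tmp/cpuinfo" "$tmp/modules"
```

On a live system, pass `/proc/cpuinfo` and `/proc/modules` as the two arguments; an empty `loaded=` result means none of these hypervisor modules is resident in the running kernel.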