Linux 3.0 Will Have Full Xen Support

GPLHost-Thomas writes "The very last components that were needed to run Xen as a dom0 have finally reached kernel.org. The Xen block backend was one major feature missing from 2.6.39 dom0 support, and it's now included. Posts on the Xen blog, at Oracle and at Citrix celebrate this achievement."

KVM vs XEN

[nereid666]

Another episode of the KVM vs XEN battle!!

Re:KVM vs XEN

[davester666]

Spenny always gets it in the shorts.

Re:KVM vs XEN

[GPLHost-Thomas]

Oh, I meant to write it is NOW included, sorry for the typo, maybe someone can change it???

Re:KVM vs XEN

An editor could probably fix that, but since all we have is hashish-addled dupemonkeys, it's stuck that way.

Re:KVM vs XEN

[catmistake]

Just what the hell is the difference between a bare iron hypervisor and KVM? Aren't they pretty much the same? Where are the patent lawsuits?

Re:KVM vs XEN

[GPLHost-Thomas]

Well, the issue is that I couldn't see the submit buttons at the bottom when doing my submission. They were display too much at the bottom of the screen, and I could see only the few top pixels of them. I wanted to click on "Continue editing", but unlucky for me, it was posted without giving me a chance to rectify. So I don't think it's really my fault here... Maybe someone at /. wants to test the submission display so that it's better on Firef ^W Iceweasel 4.0.1 (my own backport running on Squeeze)...

Re:KVM vs XEN

[pasikarkkainen]

Xen has features that KVM doesn't have (by design). For example Xen "stubdomains" and "driver domains", full memory address space separation between domains, etc.. and of course it's good to have multiple opensource virtualization platforms, competition is a good thing!

Re:KVM vs XEN

[GPLHost-Thomas]

This why Xen PDF might explain it well. Under Xen, guests are running inside the host operating system. In Xen, the hypervisor starts a special Linux kernel (the dom0) that will only take care of drivers for the guests. The design is really different, and has different features. For example, in Xen, you can have your dom0 to run on 2 cores, leaving the rest for the guests (I'm not sure that is possible in KVM), and if you want to avoid any possible CPU starvation, you can even have the guests to not use the cores that the dom0 is using. The CPU scheduler is also very different (and there's not only one available...).

Re:KVM vs XEN

[catmistake]

thanks, but it still sounds to me like the difference between, say, Linux and BSD and SysV... yeah, different... but, oh so similar (basically they're all kernel+user land). So sounds like Xen is a little more sophisticated. But besides that, besides features, at their core, what really is all that different between KVM and bare iron hypervisors?

Re:KVM vs XEN

[pasikarkkainen]

Actually the design is pretty different. Take a look at these slides: http://www.slideshare.net/xen_com_mgr/why-xen-slides . That should explain the differences. Xen is also multi-OS, ie. you can use also BSD/Solaris in addition to Linux as a Xen host, while KVM is Linux-only as host.

Re:KVM vs XEN

[catmistake]

Thanks again. From your link:: "KVM has a very different model - Linux kernel as hypervisor"
Aha! KVM is a hypervisor too? Xen has no kernel? Again... besides the features... the function appears the same to me. Take KVM, remove the drivers, make it tiny, minimalistic... and besides features, the model appears the same to me. Xen is more advanced, more features... but basically, they're both bare iron hypervisors, right?

Re:KVM vs XEN

[pasikarkkainen]

Xen is a secure baremetal hypervisor (xen.gz), around 2 MB in size, and it's the first thing that boots on your computer from GRUB. After Xen hypervisor has started it boots the "management console" VM, called "Xen dom0", which is most often Linux, but it could also be BSD or Solaris. Upstream Linux kernel v3.0 can run as Xen dom0 without additional patches. Xen dom0 has some special privileges, like direct access to hardware, so you can run device drivers in dom0 (=use native Linux kernel device drivers for disk/net etc), and dom0 then provides virtual networks and virtual disks for other VMs through Xen hypervisor. Xen also has the concept of "driver domains", where you can dedicate a piece of hardware to some VM (with Xen PCI passthru), and run the driver for the hardware in the VM, instead of dom0, adding further separation and security to the system. Xen "Driver domain" VMs can provide virtual network and virtual disk backends for other VMs. KVM on the other hand is a loadable module for Linux kernel, which turns Linux kernel into a hypervisor. The difference is that in KVM all the processes (sshd, apache, etc) running on the host Linux and the VMs share the same memory address space. So KVM has less separation between the host and the VMs, by design. VMs in KVM are processes on the host Linux, not "true" separated VMs.

Re:KVM vs XEN

[martyros]

Just what the hell is the difference between a bare iron hypervisor and KVM?

As far as Linux is concerned, a KVM virtual machine is just another process. So your whole infrastructure-critical server VMs are treated exactly the same as the random daemons that get started up as a matter of course but never used. Worse yet, the same scheduling algortihms are used -- although the VMs have to handle interrupts, while processes don't.

In Xen, there's a scheduler dedicated to scheduling VMs, and the algorithm is tweaked specifcially to deal with VMs.

Re:KVM vs XEN

[martyros]

There doesn't have to be a battle -- there's room in the OSS world for two technologies. Xen and KVM are different technologies. For most desktop users, KVM is probably the best option; but on big servers, linux running KVM has to mix scheduling between VMs and processes. Since Xen runs VMs exclusively, it can focus only on algorithms that work well for VMs.

Re:KVM vs XEN

[ubersoldat2k7]

Wish I read your explanation of Xen a few years ago. In those few sentences you explained more than in a whole 200 pages book about Xen.

Re:KVM vs XEN

maybe someone at /. wants to test the submission display system so that its better on... ANYTHING :(

Re:KVM vs XEN

[catmistake]

Thanks for your patience! Explanation appreciated.

Re:KVM vs XEN

This is a fairly good explanation except strike the opening word 'secure'.

In either KVM or Xen bugs in the hypervisor (and there are and will be bugs) can allow privilege escalation. So a hypothetical elite bad guy might escape from your VM into the hypervisor and from there do anything they could do if you weren't vitualising at all.

Relying on virtualisation for security is the same error as relying on NAT for security. At best you've mildly inconvenienced the bad guys, more likely you've just increased the size of the attack surface greatly and reduced your ability to understand the threat.

Re:KVM vs XEN

[TheRaven64]

Not sure which Xen book you read, but the grandparent makes a lot of errors and I'd be surprised if a book was that inaccurate. Mine is slightly out of date, but at least was accurate at the time of printing (technical review was done by the original Xen developer).

Let's start at the end. KVM VMs and userspace Linux applications do not share the same address space. This isn't even true if you remove KVM - userspace processes have isolated address spaces. KVM requires the CPU have virtualisation extensions, which means (among other things) nested page tables. This means that there is hardware-enforced separation between the pages. The guest OS sees page tables that map from virtual to pseudophysical address space, but thinks that they map from virtual to physical. The host (Linux) sets the mapping from these pseudophysical pages to real memory pages and the CPU enforces this mapping. Xen uses exactly the same mechanism in HVM mode (it uses some other tricks in paravirtual mode).

The driver domains are correct, but it's worth noting that Xen will use VT-d or equivalent to protect against malicious use. Linux can't give a userspace program direct access to the disk controller, because if it did then a rogue DMA command could compromise the kernel. Xen will use the IOMMU to ensure that each peripheral may only issue DMAs to memory owned by the driver domain. The Solaris VM that you have accessing your block device and exporting virtual disks from ZVOLs, for example, can trample its own address space with rogue DMAs, but it can't touch any memory in other VMs.

This means that Xen (in theory) has a smaller attack profile than KVM. Xen is basically a microkernel, and it enforces low privilege on the services (OS instances) that provide drivers and the management console. With KVM, the entire kernel runs in privileged mode. It's fairly common these days for the management console domain to have either no network access, or highly-restricted access, and be separated from the driver domains. If there is a flaw in the network stack in Linux and an attacker compromises it, then with KVM they now have access to all of your VMs. With Xen, they control that driver domain, and they can inject packets into the other VMs, but they are no more able to compromise them than they would be if they controlled the router one hop away.

KVM recently gained support or live migration (this has been stable in Xen for a long time - they were doing demos of live-migrating a Quake 2 server with clients connected since the early 2000s), but it doesn't have any of the high-availability stuff that Xen 4 includes. This allows you to do things like run two instances of the same VM on different machines and transparently fail-over when one dies.

Re:KVM vs XEN

[TheRaven64]

A lot of the Xen developers use KVM. You can run Xen and PV kernels inside KVM, which (apparently) is great for debugging. They're very different tools though. The problem is companies like Red Hat that spread a lot of FUD about Xen and tell everyone to use KVM instead, which makes about as much sense as telling them to use bash instead of vim.

Re:KVM vs XEN

[datapharmer]

I'm not following. Are you are suggesting throwing out all NAT firewalls and connecting everything to the net to reduce the "attack surface" area? I don't know how that will work out for you, but I'm certain you will quickly "understand the threat" on your network. Sure hypothetical bugs might exist that allow this, but hypothetical bugs in quantum computing might allow it to become sentient and take over the stock exchange plunging us into the dark ages as our entire financial system crumbles. I'll take my chances.

Re:KVM vs XEN

[postbigbang]

In either case, NAT offers *some* protection but may not be viable in some IPv6 and other situations. My recommendation would be to use an appliance to both make stateful examinations of conversations in the firewall sense, use /etc/hosts instead of DNS, examine key vulnerable drivers for MD5, and use other methods to vet basic VMs that are used to clone for production activities. Among other steps.

In other words, from a security profile, KVM and Xen and other methods like LXC each have their own implications. You need to understand them so as to plan for vulnerability containment.

Re:KVM vs XEN

Heh. In a SPECvirt benchmark KVM is so much ahead of Xen it is not even funny. Apparently Xen algorithms for managing VMs are worse then Linux algorithms for managing VMs and processes :)

Re:KVM vs XEN

[IceNinjaNine]

The problem is companies like Red Hat that spread a lot of FUD about Xen and tell everyone to use KVM instead, which makes about as much sense as telling them to use bash instead of vim.

Wish I had mod points.. this and your previous two post on the topic are gold.

I hopefully speak for lots of people when I say

[GauteL]

... what??

Re:I hopefully speak for lots of people when I say

[ustolemyname]

+5 flamebait/informative.

Re:I hopefully speak for lots of people when I say

[Spykk]

The kernel is one step closer to achieving nirvana.

Re:I hopefully speak for lots of people when I say

[GPLHost-Thomas]

Maybe it would help to read TFAs?

Re:I hopefully speak for lots of people when I say

[NoNonAlphaCharsHere]

SAY 'WHAT' AGAIN!
Say 'what' again, I dare you, I double dare you motherfucker, say 'what' one more Goddamn time!

Re:I hopefully speak for lots of people when I say

What? Why?

Re:I hopefully speak for lots of people when I say

Trig bought a new BlackBerry!

Re:I hopefully speak for lots of people when I say

[martyros]

What is Xen? Xen is a virtualization project that is run by four of the top five major cloud providers (including Amazon, Rackspace, &c); a commercial version written by Citrix run by thousands of sites worldwide, including large companies like Tesco, SAP, &c. It's also the approved way of running Oracle databases in a virtual machine.

What does that have to do with Linux? The Xen project is focused on virtualization. But Xen still needs to run on systems with all manner of devices. There are several ways they could have handled this. One is to try to put drivers for all of the devices in Xen. This would require a huge amount of work, mostly copying new device drivers and device fixes from Linux and porting them over to Xen. It would be a colossal waste of time: they would be duplicating effort of what Linux already does well, instead of doing what they want to do -- work on virtualization.

So what they do instead is run Xen as the hypervisor, but leverage the device drivers in Linux. They do this by creating a special VM, called "domain 0" or "dom0", which is booted first after Xen boots, that has drivers to control all of the devices. This domain is a version of Linux that is designed to be able to work with Xen to control and drive devices, while allowing Xen to control memory, CPU, and interrupts (the key hardware required to do virtualization).

Xen has been out for years. Why is this just being announced? The Xen project started out of a University research project. As is typical, they were trying to answer the question "what is possible?", and as a result, felt free to completely rip out and rewrite large sections of Linux code. This code was not upstream-able -- changes were made that were (rightly) not acceptable to the Kernel community.

Since that time, the Xen community has maintained branches of Linux with these intrusive, non-upstreamable patches, and used these branches as domain 0. At the same time, they have worked to try to get support for Linux-as-domain-0 into the mainline tree. This has been a long process, and something that has been a sore point for users of Xen for some time.

But as of Linux 3.0, all of the functionality required to use the mainline kernel tree as a basic dom0 with Xen is in. This means that if you install Xen, you'll be able to use the same kernel you booted with natively as the dom0 for Xen. It means that distributions won't have to maintain two separate kernels, one for booting bare metal, and one for booting on Xen. And it means not having to maintain the xen-linux fork, which has been a lot of painful work for the Xen community.

Re:I hopefully speak for lots of people when I say

WTF does this not have +5 Informative?

Re:I hopefully speak for lots of people when I say

[Robert+Zenz]

So, it will be able to do cool songs, soon?

Re:I hopefully speak for lots of people when I say

[Kjella]

WTF does this not have +5 Informative?

It does now, but slashdot seems really, really mod point starved as of late. Some discussions there looks like there's almost no one to mod, and when they do get mod points it's 5 now compared to 15 before.

Re:I hopefully speak for lots of people when I say

[X3J11]

No, it means it will make shitty music and eventually shoot itself in the face.

Re:I hopefully speak for lots of people when I say

[DocZayus]

What

Re:I hopefully speak for lots of people when I say

... what??

Slashdot. News for nerds.

Re:I hopefully speak for lots of people when I say

[proverbialcow]

But does it run Linux?

Re:I hopefully speak for lots of people when I say

[WuphonsReach]

It does now, but slashdot seems really, really mod point starved as of late. Some discussions there looks like there's almost no one to mod, and when they do get mod points it's 5 now compared to 15 before.

OTOH, I now get mod points (for the past few months) almost every day, in sets of 5. That's up from only getting mod points about once a month or every 2-3 months.

(I've never seen a pack of 15 mod points.)

Re:I hopefully speak for lots of people when I say

I still get 15 points and this on a fairly regular schedule. Most of the time I don't use them or only partially, though.

Re:I hopefully speak for lots of people when I say

[DarkVader]

Strange...

I seem to get mod points 15 at a time, about once a month.

Re:I hopefully speak for lots of people when I say

oh I'm sorry, did I break your concentration?

Re:I hopefully speak for lots of people when I say

[pipatron]

Yes.. it does.. for once.

Re:I hopefully speak for lots of people when I say

[mcgrew]

I had 15 points just this Wednesday. But it does seem that there is less momoderation lately; 100 comments with all at 1 or less. Maybe all of the mods but me are downmodding? (Of the 15 I had, all but two were upmods)

Re:I hopefully speak for lots of people when I say

[camperdave]

But doesn't that just make Xen the OS with linux becoming an application? I mean, it is the OS's job to manage memory and devices, and to allocate CPU time.

Re:I hopefully speak for lots of people when I say

[martyros]

But doesn't that just make Xen the OS with linux becoming an application? I mean, it is the OS's job to manage memory and devices, and to allocate CPU time.

No, Xen is a hypervisor. A process expects a *lot* more from an operating system than an OS expects from a hypervisor. VMs expect raw hardware and know they have to manage most things (like setting up memory, doing filesystems, and so on) themselves. Processes expect an operating system set up memory mapping for them, give them filesystems (not just raw disks), IP addresses and sockets and TCP (not just raw packets), and so on.

In the KVM case, Linux is an operating system to normal processes, but a hypervisor to VMs. Linux gives memory and time to the guest OS, and the guest OS gives memory and time (along with filesystems, TCP, &c) to guest processes. So in that way Xen and KVM (i.e., Linux-as-hypervisor) are the same.

The main difference is that Xen is only a hypervisor, whereas with KVM, Linux tries to be both a hypervisor and an operating system. That has a number of practical implications. Xen has been widely deployed and tested as an enterprise-class hypervisor. I'm not aware of any large-scale enterprise deployments of KVM, so it remains to be seen whether Linux can successfully be both an enterprise-class hypervisor and an operating system at the same time.

Re:I hopefully speak for lots of people when I say

[Errtu76]

Yeah, and then shoot itself.

Re:I hopefully speak for lots of people when I say

[drinkypoo]

Does this get me any closer to the dream of simultaneously running multiple operating systems which can each output 3d graphics using my GPU if I just switch between them like VTs?

Re:I hopefully speak for lots of people when I say

[digsbo]

I noticed recently that some of my posts have been modded down immediately as "overrated". I'm not talking about posts which are potentially controversial, either. I don't know if it's widespread, but I get the feeling there are a number of kids with time on their hands downmodding anything they feel like. Time to spend more effort metamoderating, I suppose. But I'm busy, unlike 20-somethings living in mom's basement, so...tehy win the interwebs?

Re:I hopefully speak for lots of people when I say

[Abreu]

Too soon!

Re:I hopefully speak for lots of people when I say

[Aighearach]

Sonny, you don't have to be a kid to mod whichever way you want. It has always been that way.

Re:I hopefully speak for lots of people when I say

[Enleth]

AFAIK, on a desktop with two discrete graphics cards, you should be able to run Windows and Linux as guests at the same time, each using one card. I'm not sure about disk access, you might want to add a discrete PCI-E SATA controller for one of the systems to avoid any screwups caused by Windows doing something nasty, but other than that, this seems to be perfectly viable. A recent Sandy Bridge-based Core i7, with 8GB of memory on a good P67-based motherboard should run such a software stack with native performance of an SB i5 (roughly half the cache and threads of an i7 available most of the time for each guest) with 4GB of memory (if split evenly), which is more than adequate for everyday use.

Re:I hopefully speak for lots of people when I say

[drinkypoo]

Sounds pretty great, I have a tri-core Phenom II and I'd like to use 1 core and maybe 2 of 8 GB of RAM for a second machine. Now to pick up a second video card that will shoehorn in here...

Re:I hopefully speak for lots of people when I say

[WuphonsReach]

The whole meta-mod system has been basically non-functional for years that I stopped bothering. It used to be worth doing and you could counteract bad moderation. Then they changed it up, changed how it was presented, etc.

Has it been fixed?

Re:I hopefully speak for lots of people when I say

[klui]

My question is how soon could someone be able to use Xen and have dom0 autoboot into something like a Windows XP installation (running on the console) and can still manage VMs and manage them in the hypervisor? I would like to leverage a hypervisor for managing VMs on a system with a lot of memory and still want to use it as a workstation with native, or close-to-native graphics acceleration not login through remote desktop/VNC.

The documentation for doing this is confusing and there appears to be a limitation to the graphics drivers that allow that. Last time I did the investigation it seems ATi drivers had some hurdles that prevents a smooth installation. The other requirement is VT-d but that's more easily taken care of by purchasing the right chipset and CPU.

Re:I hopefully speak for lots of people when I say

[mcgrew]

I usually mod controversial comments "interesting" unless it's written in an inflammatory tone or just plain ignorant. Posts that really don't say anything are what I downmod. If you're starting at a 1 it's not likely to hurt your karma; I've been modbombed before with someone using all their mod points on me, and the bombs never had any effect, so one downmod surely won't. Hell, sometimes I';; ask to be downmodded if I stray off topic, since the "no bonus" checkboxes don't seem to work.

Like this one.

I'll mod controversial comments up even when I disagree. I mean, that's the whole purpose of the site, discussion and debate.

What pisses me off are fanboys, especially Sony fanboys. Say anything negative about somebody's favorite company and they mod you down in a heartbeat.

I read fast, and I'll have a lot of spare time in 3 years -- I'm retiring then. I miss summers when I was a kid and could spend all day reading. I'm looking forward to being able to do that again, it's been a LONG time.

Metamoderation is wierd; sometimes my own comments come up, sometimes comments I've just moderated come up.

Re:I hopefully speak for lots of people when I say

[mcgrew]

Nope, if anything it's even worse. These days metamoderation is like free mod points without the constraints you have with mod points; you'll sometimes get your own comments to metamod, or comments you just moderated yourself.

Re:I hopefully speak for lots of people when I say

[martyros]

The xen.org project has mainly been focusing on server-style virtualization, without desktop graphics (although graphics pass-through is obviously a priority for the Intel engineers).

What you describe really needs not just a single piece of software, but the full configuration and integration with a distribution. If you're not opposed to using software that is partially closed-source but free-as-in-beer, you could try XenClient. It's designed to run on laptops, and specifically tweaked to pass the GPU through to one VM. But there's no reason it couldn't run on a desktop with the right hardware.

Vanilla kernel on EC2

[insecuritiez]

Finally I get to run a newer kernel on EC2! I have been looking forward to this for months.

Re:Vanilla kernel on EC2

[pasikarkkainen]

Actually you have been able to run newer kernel on EC2 for a long time! Xen domU (guest VM) support has been in upstream Linux kernel since version 2.6.24. Now upcoming Linux kernel 3.0 adds Xen dom0 support, which is the *host* support, ie. Linux kernel 3.0 can run on Xen hypervisor (xen.gz) as the "management console", providing various backends (virtual networks, virtual disks) allowing you to launch Xen VMs.

err..

s\not\now\ ?

Re:err..

[Tinctorius]

Not now.

Re:err..

[GPLHost-Thomas]

Correct, it's a typo, sorry. It is NOW included.

Re:err..

s/\\/\//

Re: What?

[macraig]

Yo, Mike, you want us to unpimp this thing, lemme hear you say, "Vat?"

Xen? Call Gordon Freeman

He has the crowbar. You will need it.

Now all I need...

[Suiggy]

... is 16 cores and 32 GB of RAM, and I can recompile the Kernel on Linux, encode an H.264 video on OS X, serve files via Apache HTTPD from OpenBSD, and watch streaming porn videos on Windows all simultaneously on the same machine!

Re:Now all I need...

[glwtta]

16 cores and 32 GB of RAM

That's, uh, not exactly all that out there, these days.

Re:Now all I need...

[lgftsa]

Yeah, the new servers I just received to upgrade our vmware cluster have 128G with only half the slots filled. Still 16 cores (2 x 8) per host, our limiting factor is having enough free RAM available for failover. The linux guests share ram nicely, but the windows guests are pigs.

Re:Now all I need...

[Noughmad]

16 cores and 32 GB of RAM

That's, uh, not exactly all that out there, these days.

You forgot the implied "...Beowulf cluster of..."

Re:Now all I need...

[dltaylor]

If you're gonna stream porn on the Windows guest, instead of something useful like original Star Craft/Brood War, keep your clean guest image for reloads. You're better off streaming the porn on a Linux guest, since the embedded malware is much less likely to run.

Re:Now all I need...

[petermgreen]

It depends whether he means 16 good cores or 16 shitty cores ;)

Yes both intel and AMD sell CPUs that let you put 16+ cores in one machine BUT afaict in both cases the individual cores are substantially slower than you can get in a 12-core (2x6) xeon 56xx machine. The prices are also pretty crazy afaict.

Re:Now all I need...

[dbIII]

48 cores (4 sockets with AMD 12 core) and 64GB here and it was only around $10K. There are a lot of much bigger machines around - that's effectively just an overgrown gaming machine these days which is why economies of scale brought the price down to something sane instead of Sun or IBM prices. I've seen people spend as much on two laptops.
It's not for virtual machines. The stuff it runs works properly in parallel but runs faster on one machine with shared memory than it can on a cluster.

Re:Now all I need...

[Rockoon]

CPU loadout prices and performance metrics for various setups

The 12-core X56xx's solutions arent touching the 48-core solutions from AMD as of yet in parallel workloads. The Opteron 6168 solution is cheaper with more performance and the Opteron 6174 route is more expensive but significantly faster over-all, than a pair of X5690 priced at $3300+

I am simply amazed that Intel has not taken its older designs for larger process sizes and simply packed on more cores during a process reduction in order to break AMD's knee's in this market. Instead they are only using even more transistors per core and not upping the core count. That strategy is OK for desktop chips but the virtualization crowd that is running dozens of servers on one box are better off with more cores.

Not that AMD has produced anything stellar recently (tho Bobcat is certainly a formidable Atom competitor while Bulldozer is rumored to be postponed due to serious performance issues with the current stepping) but Intel still doesnt offer any competition in the big virtualization arena vs AMD's several-year-old solutions.

Re:Now all I need...

[__aamnbm3774]

The linux guests share ram nicely,

...until all of your linux boxes need ram at the same time.
at least with overprovisioning, you know you won't tip the scales if all your machines burst at the same time.

Re:Now all I need...

[elfprince13]

Last time I tried it, Star Craft ran better under Wine than under 64-bit Vista or 7, so even if you want to do something useful under Windows it probably shouldn't be that.

Re:Now all I need...

IBM sells the x3850 which supports 1 Terabyte of RAM and 32 cores. It is a great virtualization platform as often the limiting factor is RAM. We have three of them in our server room. These are very solid machines.

Re:Now all I need...

[h4rr4r]

Just spend $20k on 12 cores and 128GB on two machines. Vmware licensing restricted our core count.

Re:Now all I need...

[Thavilden]

He wants the malware, why have all those cores if you're not going to peg them?

Re:Now all I need...

I love it when that kind of machines is put to good use ... not

Re:Now all I need...

[dotancohen]

16 cores and 32 GB of RAM

That's, uh, not exactly all that out there, these days.

GP mentioned Windows. The Windows Server license that runs on 16 cores is really, really "out there" for home users. So we can assume that he is talking about a home OS, and for a home PC 16 cores really is "out there".

Re:Now all I need...

[glwtta]

The Windows Server license that runs on 16 cores is really, really "out there" for home users.

He just mentioned streaming porn in a domU, a single (or two) core license would do just fine.

It's more than a typical off-the-shelf PC, but it's not like it's some crazy spec, with "consumer" components you can put one together for $3-4k (well, ok, with 12, not 16 cores).

Re:Now all I need...

[petermgreen]

The 12-core X56xx's solutions arent touching the 48-core solutions from AMD as of yet in parallel workloads

Yeah if you push the core count insanely high you can get to the point where (for some workloads) the number of cores makes up for the low performance of the individual cores but afaict there is no 16-core system on the market that is faster overall than a 12 core 56xx series system.

Re:Now all I need...

[KZigurs]

Last 5 machines assigned for me to have fun in had each 16 cores and 96GB RAM each... I have requested 3 more.

Re:Now all I need...

[WuphonsReach]

GP mentioned Windows. The Windows Server license that runs on 16 cores is really, really "out there" for home users. So we can assume that he is talking about a home OS, and for a home PC 16 cores really is "out there".

Well... I was curious. The major cost in a multi-CPU setup is generally the motherboard. Enthusiast boards are typically in the $150-$250 range, dual-CPU boards are generally in the $400-$550 range (Tyan Thunder n3600T). The 2.8GHz Opteron 6-core CPUs are around $310 each, with slightly slower 2.6GHz 6-core (2435) units at $200.

So a 12-core dual-CPU Opteron setup isn't all that far out there, at least not for an enthusiast. You're looking at paying an extra $500-$800 for the 2nd CPU and more RAM.

The 2.6 8-core Opteron CPUs are $1000 each. The slightly slower 2.4GHz 8-core Opteron (6136) are about $700 each. Those are still bit out there. Since the 12-core Opterons are much lower speed, I didn't bother pricing them.

Re:Now all I need...

We have been running couple of clusters each 7 units having 198GB couple of months and consider either go up to 256GB this year or upgrading to Cisco UCS with 512 GB to 1TB configuration. I still remember when it started -99 running just one vm in vmware desktop with 128MB ram and I do not dare to think what we might be within next ten years or so.

Re:Now all I need...

[Rockoon]

but afaict there is no 16-core system on the market that is faster overall than a 12 core 56xx series system

AFAIK, everywhere else in the world, money has value.

The X5680 is $1660 per chip, so $3320 for 12 cores.

You can get a lot more performance for $3320 from both Intel (non-parallel) and AMD (parallel.) Thats the end of the debate. You can't argue your way around it, and attempts to do so is an indication of brand-based self-delusion. Those chips are designed specifically to extract money from fanboys willing to over-paying.

Meanwhile

[TheRaven64]

Xen Dom0 support has been supported in released versions of NetBSD and Solaris for something like 4 years, while the VMWare lobby on the LKML was requiring the entire paravirtualisation subsystem to be rewritten before they'd accept patches, and Red Hat decided to push KVM as a Xen replacement, in spite of them having very different capabilities.

Re:Meanwhile

[Lemming+Mark]

Xen support got into NetBSD and Solaris more easily, I think, because influential individuals pushed it in there whereas the Linux community had lots of quibbles over the patches and how they should be done correctly. The debate with VMware was a bit confusing and didn't help things get done quickly. RH and IBM and SuSE and others were behind Xen originally but that has gone a bit quieter subsequently.

Part of all of this, though, is due to the Xen team having different priorities to most of those other organisations - especially whilst setting up their own Windows-focused virtualisation product. There's a fair degree of difficult personalities on the Xen and Linux sides too which probably didn't help things go smoothly.

Re:Meanwhile

[zefrer]

Just had to reply to this.. Sun forked Xen 3.1 something like 4 years ago, yes. That same fork, Xen version 3.1 is what is still being used today in Solaris and Sun had previously (pre-buyout) said they would not merge to any newer versions of xen.

So while Solaris can claim Xen Dom0 support it is no where near the capabilities of current Xen 4.0 and with no plans to update you're stuck on 3.1 with support only coming from, now, Oracle. Yeah, awesome.

Re:Meanwhile

[pasikarkkainen]

Remember Xen hypervisor (xen.gz) is a separate piece of code. Kernel (Linux, BSD, Solaris) support for Xen dom0 is another thing. So if someone wants, they could run *Solaris dom0 kernel on Xen 4.1 even if Oracle does not ship it. It might require some work to get the *Solaris dom0 kernel working properly with newer Xen version. Oracle itself has focused on OracleVM, which is their Xen-based virtualization product, using Linux as dom0. You can run Solaris VMs on OracleVM/Xen, of course.

Re:Meanwhile

[diegocg]

'VMWare lobby', WTF? The real problem were things like this and this:

The fact is (and this is a _fact_): Xen is a total mess from a development
standpoint. I talked about this in private with Jeremy. Xen pollutes the
architecture code in ways that NO OTHER subsystem does. And I have never
EVER seen the Xen developers really acknowledge that and try to fix it.

Thomas pointed to patches that add _explicitly_ Xen-related special cases
that aren't even trying to make sense. See the local apic thing.

So quite frankly, I wish some of the Xen people looked themselves in the
mirror, and then asked themselves "would _I_ merge something ugly like
that, if it was filling my subsystem with totally unrelated hacks for some
other crap"?

Seriously.

If it was just the local APIC, fine. But it may be just the local APIC
code this time around, next time it will be something else. It's been TLB,
it's been entry_*.S, it's been all over. Some of them are performance
issues.

I dunno. I just do know that I pointed out the statistics for how
mindlessly incestuous the Xen patches have historically been to Jeremy. He
admitted it. I've not seen _anybody_ say that things will improve.

Xen has been painful. If you give maintainers pain, don't expect them to
love you or respect you.

So I would really suggest that Xen people should look at _why_ they are
giving maintainers so much pain.

                Linus

BTW, I have absolutely no doubt that NetBSD and Solaris merged Xen faster than anyone else.

Re:Meanwhile

Can you elaborate on what different capabilities Xen And KVM have?

Re:Meanwhile

[GPLHost-Thomas]

This kind of post lead to a full re-write of the local APIC code in Xen, and many other sub-systems. What you see happening today is the result of the work due to the critics above (and not only this critics, there was others).

Re:Meanwhile

You are actually and completely wrong. The dom0 kernel must "match" the hypervisor as well. Therefore you will have a hard time running a outdated dom0 implementation on a current hypervisor. Ever noticed that you can actually choose in the linux kernel to which xen version the kernel should be compatible?

Re:Meanwhile

Solaris does, however have Containers, Branded/Zones, Crossbow and Copy-on-Write everywhere (consider the implication for virtualization), Xen is something Solaris supports more or less for the sake of supporting Xen and being able to say that they do saying that they do.

Personally, I'd argue that Zones/Crossbow is way more capable than even Xen 4.0, unless you're looking to run Windows guests, virtualization has been built into Solaris for a very long time, it's both very mature and powerful.

Re:Meanwhile

[martyros]

Unfortunately when this e-mail was sent, Jeremy was just about the only developer working on upstreaming the dom0 work for quite a while; and Jeremy was, unfortunately, still learning how to interact effectively with the kernel community. This can be largely blamed on a tactical error made by the people in charge of XenSource before Citrix acquired them. They were hoping to force RedHat to work on upstreaming dom0, so they kept the Xen fork of linux (linux-xen) at 2.6.18, and only hired one developer to work on upstreaming. RedHat initially said they were going to work on it, but instead ended up buying a company that developed KVM, leaving Xen in a bit of a lurch (for which they really only had themselves to blame).

Since that time, more full-time developers have been brought in, both by Citrix and Oracle, and Jeremy, along with the other developers, have gotten more face-time with the rest of the kernel community. Things are still sometimes contentious (as they are bound to be), but the results of this effort speak for themselves.

Re:Meanwhile

[zefrer]

Not true. The xen hypervisor is matched to the xen version running which is matched to the underlying kernel. It is impossible to take the 4.1 hypervisor and use it in Solaris without xen _dom0_ 4.1 support in the Solaris kernel. "It might require some work" is just about the greatest understatement ever uttered. Never mind that you can't even start on said work as Solaris' kernel is not open source and the last opensolaris source code that was released did not in fact have dom0 support. So yeah..

Re:Meanwhile

[pasikarkkainen]

Opensolaris kernel source code from autumn 2010 (when it was still available from Oracle) does contain Xen dom0 code in the kernel. Some people are using it. I think OpenIndiana ships the XVM/Xen code. There are some known bugs in it, so someone interested in *Solaris (Opensolaris/OpenIndiana/Illumos) dom0 would have to spend some time fixing the bugs and making sure any not-yet-upstream patches (if any) from Solaris XVM hypervisor are applied to upstream Xen hypervisor, and at that point you can just use the upstream xen.org hypervisor with the *solaris kernel as dom0.

Re:Meanwhile

[zefrer]

Again, not true. You cannot 'just use the xen 4.1 hypervisor'. You seem to be completely ignorant of how much work there is in adding dom0 support in a kernel which is fortunate for you only. And the last opensolaris in august 2010 did not have dom0 and nor does openindiana. [1][2][3]

[1] https://www.illumos.org/boards/1/topics/561
[2] http://wiki.openindiana.org/oi/7.+Virtualization
[3] http://opensolaris.org/jive/thread.jspa?threadID=134657

Re:Meanwhile

[jsgf]

On the contrary, the Xen and dom0 kernel versions are largely decoupled. There was a kernel/xen ABI extension added in Xen 3.4 which all the upstream (and post-2.6.32 xen.org) dom0 kernels require, but aside from that there's no coupling.

However, Xen and the usermode toolstack *do* need to have matched versions. You can probably get away with a bit of leeway between them, but the ABI is not considered stable.

I have no idea what changes Sun made to Xen to do their Solaris dom0 work, and I don't know if it's supposed to work on stock xen.org Xen - but if it is, it should work so long as the usermode toolstack is also updated.

Re:Meanwhile

[jsgf]

Eh, well, not quite. I can see where that interpretation might have come from, but I'd had ~15 years of dealing with the Linux community at that point, so I don't think inexperience can really factor into it ;)

What was really going on with that particular patch posting burst and the resulting, er, discussion was to try and draw some more developer attention, since - as you say - I really was operating solo at that point. Various companies had promised resources (ie people), but nothing was actually forthcoming. In the unlikely event that that particular patchset was accepted it would have been moot, but the real purpose was to highlight how much still needed to be done and to get people to publically express interest in getting dom0 into mainline, ideally backed by action/resources.

And while the feedback from the Linux community was strong and somewhat negative, it also put on record what form an acceptable upstreaming path would take.

The outcome was
  - the Xen/dom0 ABI needed to be refined, since the original one required some pretty unpleasant kernel changes, and didn't really make much sense
  - I needed to come up with a new, much more incremental dom0 upstreaming strategy

For the second, I did this by making sure that each patch supporting dom0 functionality also had at least some other purpose (many to do with pv-hvm), so there wasn't the perception of an endless stream of "not yet useful patches" (which is frowned upon). It ended up being so incremental that the "can boot as dom0" milestone (2.6.37) came as a complete surprise even to people within the Xen community.

And of course, I got a big boost when Konrad from Oracle and Ian and Stefano from Citrix started contributing a significant amount of time to the dom0 effort, taking over responsibility for getting large chunks of functionality into upstreamable form. Their help really tipped it from being a endless slog into an achievable goal.

Re:Meanwhile

[pasikarkkainen]

XVM (Solaris Xen dom0) definitely works in OpenSolaris build 134, released in March 2010. If I remember correctly people have been using it also on later builds. Feel free to prove me wrong if that's not the case. Actually it seems XVM is still included in Oracle Solaris 11 Express 2010.11 release. It could be removed from final upcoming Solaris 11 release, but it's still there in the 2010.11 release. Latest XVM hypervisor version is based on Xen 3.4.2, and afaik it has some not-upstreamed patches to the hypervisor. What I wrote in my earlier post was: Someone should upstream the not-yet-upstreamed patches from the XVM *hypervisor*, and at *that* point (after upstreaming) you can use the upstream xen.org *hypervisor*, be it 4.1 or whatever version. Another and separate issue are the Solaris kernel patches needed to run as Xen dom0. Some developer should obviously maintain them, and to begin with make sure they work with the latest Illumos/OpenIndiana kernel. Like said, if there are developers interested in this, it is possible to make it work also in the latest builds. It did work one year ago.

Re:This is the reason why...

[phonewebcam]

Care to comment on how successful Linux has been on handsets compared to its Windows equivalent? Or how about servers. Big servers. Like, oh I dunno, maybe you've heard of Google? m$ sure have - they just shell out all their searches to it.

Re:This is the reason why...

[judhaz]

No normal user would ever read /.

FreeBSD Xen support

[simoncpu+was+here]

Dear FreeBSD,

When will you ever have a Xen dom0 support?

Thanks,

Charlie Root
FreeBSD Fanboi

Re:FreeBSD Xen support

[pasikarkkainen]

At the Xen Hack-a-tron event in March there was some discussion/updates about Xen+FreeBSD.. I can't remember the details, but you might want to ask on xen-devel mailinglist.

Re:FreeBSD Xen support

[TheRaven64]

FreeBSD had dom0 support a few years ago, but it bit-rotted. If you want it, then I can point you at someone who is taking donations to finance the work. Or you can run NetBSD or Solaris in dom0 and FreeBSD in your domUs.

Re:FreeBSD Xen support

Keep an eye or twelve on http://lists.freebsd.org/pipermail/svn-src-projects/2011-May/003972.html

Re:FreeBSD Xen support

Dear Charlie,

We'll add Xen dom0 support as soon as we receive and review your patch for it.

Best regards,
The FreeBSD Team

Been such a long time...

[WaroDaBeast]

Can't wait to blast Vortigaunts again.

Re:Been such a long time...

[WaroDaBeast]

I fail to see how an unmoderated comment can be overrated. Maybe I have no sense of humor?

Re:This is the reason why...

Nice try, except dom0 (Domain zero) is Xen terminology, not something linux specific.

Products such as this aren't going to be used by mainstream mom&pop users, Xen will likely not be available in boxed set at your local computerstore or gameshop. The people using this will likely always come from an IT related background.

And as for windows:
- If you run Xen with Windows, the same terminology applies (except it would be run as dom1+ since Windows doesnt support dom0 to my knowledge)
- If you open up a MCSE manual for windows you'll find a hundred other things that sound just as complicated to a layman as dom0

Now can we get Oracle/Redhat/Citrix

[Mongo]

To dedicate resources to producing a good cluster LVM lock manager that does not depend on CORAID?

Something like SGI's CXVM would be great!!!

Re:Now can we get Oracle/Redhat/Citrix

[Mongo]

s/CORAID/corosync/

Got confused

.. thought for a moment the titles says Linux 3 will have full XMen support!

Re:Got confused

[lennier1]

Admin toughbooks encased in adamantium?

Re:Got confused

[moronoxyd]

Nay, an Adamantium roll-cage will suffice.
But we need lots of red lasers and blue fur and stuff.

Re:Got confused

[camperdave]

So Xen==Mystique?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:This is the reason why...

[kiddygrinder]

virtualisation is complicated, maybe the article should have just said "Linux now has built in stuff to make it so you can run more than OS!", actually that's probably too complicated for most, how about "Another type of computer you don't use has built in support for running more computers inside it! it's like OSX and windows only it's another one!".

Re:This is the reason why...

[suy]

The very first sentence to me sums up why Linux is not successful on the desktop relative to Windows for OSx.

Sorry, but I find this a ridiculous point. I expect from Slashdot some degree of technical level. If Slashdot summaries had to explain everything understandable to "normal desktop users", I would had to find another place to read. Xen is not music player, and requires some knowledge. To me is a product addressed to technical people.

Re:This is the reason why...

[Superken7]

I'm not sure if you are trolling on purpose, or if you don't understand what this news is all about. But I'll bite.

You see, linux runs on almost any kind of hardware: from embedded systems on toasters to phones, desktop computers, laptops, to big servers. Even most supercomputers to date are running Linux. There is a _lot_ of different users that would use Linux in many different ways.

Xen is a technology that virtualizes machines, mainly intended for the data center and cloud computing environments.

This is NOT intended for users in any way. Your mom does NOT have to know that Xen even exists, just like windows users don't need to know what IIS or Apache is in order to browse the web.

Would you also say that windows and OSX is "is way too complicated for people" because you read slashdot news about some geeky kernel details about windows/OSX ?
Surely "no user should need to know, or care about this sort of thing.".

They don't. So do you about Xen. I'm not sure why someone like you is reading and posting on /., because this is usually "news for nerds", as the site indicates. :)

As many slashdotters would say about your reasoning behind your post: "You are doing it wrong." ;)

Will it cook me dinner?

[dutchwhizzman]

So what exactly makes this so special? It's a step for one of the many virtualization solutions in the market these days.

I for one wouldn't trust Oracle with any part of my infrastructure if I can help it. Citrix to me still is a company that makes an expensive Xclient for MicroSoft products and a niche product they bought, Xen, with no apparent synergy with their windows products, and who else really cares?

Re:Will it cook me dinner?

[pasikarkkainen]

Remember Xen hypervisor is opensource (GPL), just like Linux kernel, so all the Oracle and Citrix code in the hypervisor and in the kernel is opensource. Citrix uses XenServer as a platform to run their other products, and obviously Xen is the best platform to run those Citrix "windows products". Novell ships Xen in Suse Linux Enterprise (SLES) 10 and 11. Debian ships Xen in their current version. I heard Ubuntu is going to add Xen back now when the kernel components are included in upstream Linux. Fedora ships Xen aswell. Not to mention majority of the cloud (Amazon EC2, Rackspace, etc) are running Xen.

Re:Will it cook me dinner?

[Enter+the+Shoggoth]

So what exactly makes this so special? It's a step for one of the many virtualization solutions in the market these days.

I for one wouldn't trust Oracle with any part of my infrastructure if I can help it. Citrix to me still is a company that makes an expensive Xclient for MicroSoft products and a niche product they bought, Xen, with no apparent synergy with their windows products, and who else really cares?

Bingo!

Re:Will it cook me dinner?

[GPLHost-Thomas]

The part that you are missing is that at the hart of Citrix desktop virtualization (they call it VDI), there's Xen running. That's the reason why they bought Xen, and why they are pushing its development. So yes, there's a synergy, and it's also for their Windows stuff...

Dont trust anything for Oracle or Ellison & Co

This is the worst company ever and Larry Ellison is greedy. If you are a Sun workstation owner read below:

http://www.newser.com/story/76753/americas-greediest-people.html

America's Greediest People
Larry Ellison heads up a list full of no-good rich folks
By Kevin Spak, Newser Staff

Posted Dec 23, 2009 2:12 PM CST

        STORY
        COMMENTS (36)

Email Share

(Newser) – These days, it’s easy to fill up a “greediest Americans” list. Just ask TooMuch.org, a site devoted entirely to “excess and inequality.” “We could fill an entire top 10 just with bankers from Goldman Sachs,” it boasts. The list:

        Larry Ellison: The really galling part isn’t the fortune he spent on his yacht—including $10 million for the mast alone. It’s that the Oracle CEO contested the $166.3 million tax appraisal on his mansion, ultimately costing local schools $250,000 a year.

        Richard Scott: Scott, CEO of Columbia/HCA Healthcare Corp. during its Medicare fraud scandal, led the year’s media blitz against Democrats’ health care reform efforts.
        Mark Hurd: Hewlett-Packard’s CEO jacked up ink prices, while firing 6,000 workers and cutting salaries. He, meanwhile, took home $26 million.
        Rupert Murdoch: One day, while cruising on his $30 million yacht, Rupert decided to start the drumbeat to charge for newspaper articles. Probably because his annual take-home from News Corp had fallen to a meager $27.5 million.
        For the full list, click the link above.

Re:This is the reason why...

[leuk_he]

I Thougth i had a IT background. I Do run virtualisation product on my desktop for development purposes. I Did this even long before this was useful (For just the cool factor of running 2 OS'es at the same time).

But after 2 minutes of reading it still is not clear what Dom0 is, and what the consequences are. In fact the "domain" is not explained.

You might say that I am not expert enough, but the whole problem is that Xen might not be simple enough, failing the KISS principble.

Re: What?

[Atomic+Fro]

German engineering the house, ya?

Largely irrelevant though

[buchanmilne]

... as most users don't use vanilla upstream kernels. And, most distributors / distros have a supported release which provides Xen Dom0 support (including Red Hat).

Re:Largely irrelevant though

[pasikarkkainen]

.. Most users end up using "upstream kernels" when their distros release new version with new kernel.. Distros like Ubuntu and Fedora release two times a year so they don't want to do custom porting of patches, they want all the features to be in upstream Linux kernel. Linux distributors like Redhat have "upstream first" policy, which means features need to be in upstream Linux kernel before they can be included (backported) to products. So when Xen dom0 support is now in upstream Linux kernel it means most distros can actually ship it easily!

Re:Largely irrelevant though

[cynyr]

hmm, since the new kernel dev model(2.5.x basically) I've been running vanilla kernels, or at least distros that do not require the huge custom patch sets... ahh the good old days of redhat 7.2, and suse 6....

Re:This is the reason why...

[Lemming+Mark]

It's partly historical and partly because Xen is structured differently to lots of other virtualisation systems.

"Domain" is to "virtual machine" as "process" is to "program". i.e. it's a running instance of a virtual machine. If you kill a VM and restart it, it's the same VM but a different domain. In practice VM and domain are blurred a bit when people talk, though.

Domain 0 is a bit like the host OS, but for technical reasons it's not exactly.

At last...

[mingle]

MagicWB comes to Linux - I've been waiting for this since I sold my Amiga 1200!

Re:At last...

[larppaxyz]

With just 8 colors, Linux desktop will FLY!

Re:This is the reason why...

[jimicus]

IME (and I freely accept I may be utterly wrong...), all that means is the building blocks are in place to do it.

The F/OSS software for managing virtualisation is still pretty dire - if I'm being honest, it feels like someone read a VMWare feature list and decided to copy it without first ensuring they understood what all the features actually were. So they bang on about how having "feature equivalence" yet close investigation suggests that it's not as simple as that.

Re:This is the reason why...

[Vryl]

YHBT. YHL. HAND.

Did you know M$ is a Xen partner?

http://www.informationweek.com/news/190500358

Re:Did you know M$ is a Xen partner?

[Lennie]

Actually they sponsored (a large part ?) the research at the univerisity when Xen was created.

Re:Did you know M$ is a Xen partner?

This is why Hyper-V is so similar to Xen.

Re:Did you know M$ is a Xen partner?

[GPLHost-Thomas]

And have you noticed that Hyper-v has the exact same structure like Xen, eg an hypervisor running first, then the controler-driver-os running 2nd? :)

Re:This is the reason why...

You might say that I am not expert enough, but the whole problem is that Xen might not be simple enough, failing the KISS principble.

The KISS principle applies to the implementation... NOT to your ability to understand it

Re:This is the reason why...

[nschubach]

The question I have is: Can I run Xen with my Linux dom0 and have Windows on dom1 with full GPU support and easily swap between the two so I can run my basic Linux desktop on one hand and have Windows load up and run a game in another. So far no VM solution has real capability to use full video acceleration on "guest" operating systems.

Re:This is the reason why...

[gatkinso]

I'd like to see the "normal user" puzzle over this:

http://www.nirsoft.net/articles/windows_7_kernel_architecture_changes.html

Uh huh. That's right. Designing an OS can get a bit.... complicated.

No you don't

I hopefully speak for lots of people

No you don't. (PLEASE moderators, use your points on something I can actually learn from.)

So Linux 3.0 got its major feature after all

[cronius]

Just when Linus finally started convincing people that Linux 3.0 would be a "normal time based release" with "no major changes" they whip this milestone feature out from under the rug.

Xen out of the box? Linux 3.0.

Re:So Linux 3.0 got its major feature after all

[Nimey]

That feature would have been in 2.6.40 had it been numbered that.

Re:So Linux 3.0 got its major feature after all

[cronius]

I know, I just thought it was nice that there's now a milestone pegged to the 3.0 release as opposed to "just the normal fixes and new drivers" kinda thing. I understand that it's a complete coincidence.

Re:This is the reason why...

No. Windows does not support being dom0, therefore doesn't use native drivers but virtual ones.

Re:This is the reason why...

[GPLHost-Thomas]

You could have full GPU support in Windows, using the PCI passthrough system (if your hardware is VT-d capable). But, to my knowledge, swapping between a Linux desktop using the GPU and windows using the GPU as well isn't possible. However, you can run in full screen both windows and linux, if you use the SDL driver.

For all this, it might be more easy to use Virtualbox though. Virtualbox is more adapted to the desktop environment, and when you have a Direct-X / OpenGL call in windows, it is translated into an Open-GL in your Linux (I'm not sure if it would also do that if you were running Windows as host, you'd have to check by yourself if you are interested in doing so). For that reason, Virtualbox is damned fast when it comes to read films, or play games, in a virtualized Windows. It doesn't work perfectly with all video boards though, as much as I could see.

Why Citrix bought XenSource

[martyros]

Here's why Citrix bought XenSource.

There's been a developing market for desktop virtualization (VDI) -- meaning not "running a VM inside my desktop", but for corporations to run "desktops" as VMs inside of servers and export them to think clients on people's desks.

Citrix has a ton of capabilities in this area. They have decades of experience with handling remote display technologies, dealing with users, dealing with disk images, and so on. So they were in a perfect position to capitalize on this new trend with their existing technology and expertise.

However, to really run desktop software, you need enterprise-grade virtual machine software. Citrix didn't have any. They could recommend people run Hyper-V, but it's a new technology and by most measures not really as good as other solutions. They could recommend that people buy VMWare. However, VMWare have their own VDI solution. If you were an IT exec, deciding what to deploy for your VDI solution, would you run Citrix's VDI controller on VMWare's hypervisor, or would you just run VMWare's VDI controller on VMWare's hypervisor? Odds are that you'd favor buying from one vendor; it's likely that the software will work better together, and in any case you'll never end up in a situation where Citrix says it's VMWare's problem and VMWare says it's Citrix's problem, and you're stuck in the middle.

Not having their own virtualization solution would be a big limiting factor for Citrix's success in the desktop market. So, they bought XenSource. Now they can offer XenDesktop and XenServer together, offering a complete stack of software from top to bottom. That's the synergy they were looking for.

But of course, that buying that stack as a whole only makes sense if XenServer is actually enterprise-grade virtualization -- so they're still keen for XenServer to be a viable product in its own right.

Re:This is the reason why...

[raju1kabir]

This is the reason why no normal user would ever read /.

Is that a problem? I'm more interested in reading a site where people do know this stuff. The people who don't know or don't care have plenty of other places to go.

Ok, I'm slightly confused.

[Short+Circuit]

My understanding of Xen was that it was a hypervisor, had a dom0 guest VM for administering the hypervisor, and dom0s for less privileged guest VMs.

Is this about running Xen inside Xen, or am I way off target?

Re:Ok, I'm slightly confused.

[GPLHost-Thomas]

"Xen inside Xen" is in fact called "nested virtualization", and it's been a long time that Xen is capable of doing that. Even better, now it's possible to run HVM inside HVM, since few patches have reached the xen-devel list. The drawback? Well, there isn't any, because in fact, the nested part is only an illusion (or, let's say, an administrative view), as Xen "sees" the VMs as all being equal.

But in fact, no, it's not about nested virtualization. It's about Linux from kernel.org not having to be patched anymore to be able to run as a dom0 under Xen, as the remaining drivers have been upstreamed during the last merge window. You can already download Linux 3.0-rc1, and you'll see it has all the options, including CONFIG_XEN_BLKDEV_BACKEND, which was missing one release ago (due to not enough people having reviewed the code).

Re:Ok, I'm slightly confused.

[martyros]

My understanding of Xen was that it was a hypervisor, had a dom0 guest VM for administering the hypervisor

dom0 does run under Xen and does the administrative tasks. But dom0 has another purpose: it has drivers for all of the hardware on the system. It doesn't make sense for Xen to try to have drivers for every bit of hardware that's out there -- Linux already does that very well, so there's no point in duplicating effort, especially since device drivers have *nothing* to do with virtualization. So the Xen leverages the device drivers already available in Linux.

That's part of the reason this has taken so long to get in. Basic Linux guest support has been in for years. But making the same source code work on bare metal (where it has to set up all kinds of things itself) work on Xen (where it has to interact with Xen to get things like interrupts and so on) is tricky, and requires some changes in the core kernel code. Kernel maintainers don't care if the code in arch-specific directories is a bit ugly, but they are very picky about core kernel or x86 arch code.

The most contentious bit was merged in 2.6.37; since then other, less contentious functionality (i.e,. not touching core kernel code) is slowly being merged in, with the final piece necessary to be able to actually boot guest VMs merged in for 3.0.

Re:Ok, I'm slightly confused.

[Short+Circuit]

Ah, got it. Thanks.

(Also, for the record, I recognize I should have said "domUs" for less-privileged guest VMs)

(Also, Slashdot's commenting system is driving me batty. *flies away*)

Re:Ok, I'm slightly confused.

[jon3k]

this is about support being in the mainline kernel. if you've ever used centos you'll remember having to install a kernel-xen kernel specifically built to support Xen.

and just fyi, the other guests are called "domU"

Re:Ok, I'm slightly confused.

[pasikarkkainen]

And just to confuse people even more there's the concept of Xen "driver domains", which disaggregates device drivers from dom0 to multiple VMs. "Driver domains" model allows you to run device driver for a piece of hardware in a VM - ie. use Xen PCI passthru to assign a PCI device to some VM, run the driver for the hardware in the VM, and also run Xen backend driver in the VM, so you can provide a virtual disk or virtual network from the "driver domain", instead of from dom0. Btw this Xen "driver domains" concept allows for example running Solaris+ZFS in a Xen VM and to provide virtual disks for other VMs from ZFS..

Three-point-O?

[HomelessInLaJolla]

Not that I have the ability to really even do anything with it but I thought that 2.4 and 2.6 were it, maybe a 2.8, but after that it was all just going to be daily, stable, and branch co.

3.0? Have they sold out to marketing?

Re:This is the reason why...

[judhaz]

Not a problem at all, in fact, as you say, it's the opposite; people know the stuff. My comment was merely directed to the previous poster.

Re:This is the reason why...

[kiddygrinder]

yeah, everything but vmware is hard to set up, if you're going to sell VMs getting xen running is probably worthwhile tho. good news is vmware has an open source offering you can install straight out of your package manager (probably). i've actually spent a couple of weekends messing with virtualisation, that last post was me just being sarcastic at the troll.

Linus "no notable features in 3.0"

While Linus is technically correct here is one of the big (humungo) changes that happened not to long ago that I would consider it a 3.0 advancement. Removing the global lock in the kernel. This is a fundamental change and happened close enough to 3.0 release that I'd have considered it a big reason for naming it 3.0.

Linux?

[tanderson92]

But will it run Linux?

What Xen is:

In computing, Xen (pronounced /zn/) is a virtual-machine monitor for IA-32, x86-64, Itanium and ARM architectures. It allows several guest operating systems to execute on the same computer hardware concurrently.
It requires a pretty recent computer to be useful.

How about if they fix basic features like shutdown

[diego.viola]

How about if they fix basic features like the ability to shutdown properly?

https://bugzilla.kernel.org/show_bug.cgi?id=33872