Presentation is loading. Please wait.

Presentation is loading. Please wait.

Linux Virtualization Kir Kolyshkin OpenVZ project manager.

Published byDarcy Wade Modified over 6 years ago

Similar presentations

Presentation on theme: "Linux Virtualization Kir Kolyshkin OpenVZ project manager."— Presentation transcript:

1 Linux Virtualization Kir Kolyshkin OpenVZ project manager

2 What is virtualization?
Virtualization is a technique for deploying technologies. Virtualization creates a level of indirection or an abstraction layer between a physical object and the managing or using application. Virtualization is a framework or methodology of dividing the resources of a computer into multiple execution environments... A key benefit of the virtualization is the ability to run multiple operating systems on a single physical server and share the underlying hardware resources – known as partitioning. 2

3 Ways to Virtualize Hardware Emulation Para-Virtualization
Virtualization on the OS level Multi-server virtualization multi-server virtualization is actually not about virtualization; it's rather more about grid and clustering, so I'm not going to cover that. 3

4 Hardware Emulation a.k.a. VM (Virtual Machine) VMware QEmu Bochs Pros:
Can run arbitrary OS, unmodified Cons: Low density/scalability Slow/complex management Low performance Low manageability: many os to manage, must login to each, mass management is equally difficult to multiple physical. Low performance is/will be mitigated by Intel's VT (aka Vanderpool) and AMD's Pacifica, so it's not really an issue. After all, emulation approach looks strange: why do we run OS on top of another OS? OS is designed to be run on hardware, not something virtual. 4

5 Para-virtualization Xen UML (User Mode Linux) Pros: Cons:
Better performance Cons: Needs modified guest OS Static resource allocation, bad scalability, bad manageability 5

6 OS Level Virtualization
OpenVZ FreeBSD jails Linux-VServer Solaris Zones Pros: Native performance Dynamic resource allocation, best scalability Cons: Single (same) kernel per physical server 6

7 OSs evolution Multitask many processes Multiuser many users
Multiple execution environments many virtual environments (VEs, VPSs, containers, guests, partitions, zones...) This is a natural step in evolution of the Operating Systems, and Linux is the first one. Virtualization is really needed by everyone, and will be a part of any OS kernel. 7

8 OpenVZ design approach
It was first throughoutly thought about, then designed (in 1999) and implemented as per this design. 8

9 OpenVZ: components Kernel Virtualization and Isolation
Resource Management Checkpointing Tools vzctl: Virtual Environment (VE) control utility vzpkg: VE software package management Templates precreated VE images for fast VE creation 9

10 Kernel: Virtualization & Isolation
Each virtual environment has its own Files System libraries, applications, virtualized /proc and /sys, virtualized locks etc. Process tree Featuring virtualized PIDs, so that the init PID is 1 Network Virtual network device, its own IP addresses, set of netfilter and routing rules Devices Plus if needed, any VE can be granted access to real devices like network interfaces, serial ports, disk partitions, etc. IPC objects shared memory, semaphores, messages 10

11 Kernel: Resource Management
Managed resource sharing and limiting. Two-level disk quota (first-level: per-VE quota; second-level: ordinary user/group quota inside a VE) Fair CPU scheduler (SFQ with shares and hard limits) User Beancounters is a set of per-VE resource counters, limits, and guarantees (kernel memory, network buffers, phys pages, etc.) Resource management is a very important and very complex thing. Consider the story of CPU scheduler development: (1) Need for CPU shares – to balance CPU power between VPSs. So every VPS have a guaranteed minimum share but can use up to all CPU power if available. (1a) BUT as number of VPSs per server grow, guaranteed minimum remains but power decreases, thus ppl complain, thus (2) Need for upper CPU limit. Hard limits the max CPU power, even if it's available. It solves 1a problem, but introduces another problem – power is not used even if available. Thus (3) Need for burstable CPU limit (not yet implemented). VPS can have up to all CPU power but not always – say, limited per month or so. FIXME kir: talk to somebody about (3). 11

12 Kernel: Checkpointing/Migration
Checkpoint: VE state can be saved in a file running processes, CPU registers, ... opened files, signals, IPC, ... network connections, buffers, backlogs, etc. private/shared memory Restore: VE state can be restored later Live migration: VE can be restored on a different physical server

13 Kernel: Security Security in virtualization solutions
What makes OpenVZ secure? Security model (deny by default) Tracking mainstream security fixes Stable kernel 2.6.8, code freeze, no new bugs Security review by Solar Designer Activity monitors Practice (400,000 public VEs)

14 Tools: VE control # vzctl create 101 --ostemplate fedora-core-5
# vzctl set ipadd save # vzctl start 101 # vzctl exec 101 ps ax PID TTY STAT TIME COMMAND 1 ? Ss 0:00 init 11830 ? Ss 0:00 syslogd -m 0 11897 ? Ss 0:00 /usr/sbin/sshd 11943 ? Ss 0:00 xinetd -stayalive -pidfile ... 12218 ? Ss 0:00 sendmail: accepting connections 12265 ? Ss 0:00 sendmail: Queue 13362 ? Ss 0:00 /usr/sbin/httpd 13363 ? S :00 \_ /usr/sbin/httpd 13373 ? S :00 \_ /usr/sbin/httpd 6416 ? Rs 0:00 ps axf # vzctl enter 101 bash# logout # vzctl stop 101 # vzctl destroy 101 I will actually show a two-minute live demo in a green-on-black terminal instead of this page. 14

15 Tools: Templates # vzpkgls fedora-core-5-i386-default
centos-4-x86_64-minimal # vzpkgcache (creates templates from metadata/updates existing templates) # vzyum 101 install gcc (installs gcc and its deps to VE 101) 15

16 768 (¾) MB RAM - up to 120 VEs 2GB RAM - up to 320 VEs
Scalability Test used is «dynamic latency» test. Apaches were serving dynamically generated web pages (a simple CGI Perl script is run for each request). 768 (¾) MB RAM - up to 120 VEs 2GB RAM - up to 320 VEs 16

17 Usage Scenarios Server Consolidation Hosting Development and Testing
Security Educational 17

18 Server Consolidation A bunch of servers: harder to manage
upgrade is a pain eats up rack space high electricity bills A bunch of VEs: uniform management easily upgradeable and scalable fast migration 18

19 Hosting Web server serving hundreds of virtual hosts
Users see each other processes etc DoS attacks Unable to change/upgrade hardware Users are isolated from each other VE is like a real server, just cheap Much easier to admin 19

20 Development & Testing A lot of hardware
Zoo: many different Linux distros Frequent reinstalls take much time Fast provisioning Different distros can co-exist on one box Cloning, snapshots, rollbacks VE is a sandbox – work and play, no fear 20

21 Security Several network services are running One of them has a hole
Cracker gets through Whoops...”all your base are belong to us” Put each service into a separate VE OpenVZ creates walls between applications Added benefit: dynamic resource management 21

22 Educational No root access Frequent reinstalls DoS attacks
Everybody and his dog can have a root access Different Linux distros No need for a lot of hardware 22

23 Future plans Stable 2.6.18 kernel I/O scheduling based on CFQ
Continue to maintain kernels from various distributions (SUSE10, FC5, RHEL4, Mandriva) Work on mainstream kernel virtualization Support for more platforms (PPC, more?) 23

24 Your role Use OpenVZ Contribute, be a part of the community:
Programmer fixes enhancements new functionality Non-programmer bug reports documentation, HOWTOs answer support questions 24

25 Project Links Main site: http://openvz.org/
Downloads: Sources: Forum: Bug Tracking: Blog: Mailing lists: 25

Download ppt "Linux Virtualization Kir Kolyshkin OpenVZ project manager."

Similar presentations

Linux Virtualization Kir Kolyshkin OpenVZ project manager.

Linux Virtualization Kir Kolyshkin OpenVZ project manager.
PlanetLab Operating System support* *a work in progress.

PlanetLab Operating System support* *a work in progress.
Virtual Machines What Why How Powerpoint?. What is a Virtual Machine? A Piece of software that emulates hardware.  Might emulate the I/O devices  Might.

Virtual Machines What Why How Powerpoint?. What is a Virtual Machine? A Piece of software that emulates hardware.  Might emulate the I/O devices  Might.
Xen and the Art of Virtualization A paper from the University of Cambridge, presented by Charlie Schluting For CS533 at Portland State University.

Xen and the Art of Virtualization A paper from the University of Cambridge, presented by Charlie Schluting For CS533 at Portland State University.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Virtualization for Cloud Computing

Virtualization for Cloud Computing
Linux Virtualization Kir Kolyshkin OpenVZ project manager.

Linux Virtualization Kir Kolyshkin OpenVZ project manager.
1 MASTERING (VIRTUAL) NETWORKS A Case Study of Virtualizing Internet Lab Avin Chen Borokhovich Michael Goldfeld Arik.

1 MASTERING (VIRTUAL) NETWORKS A Case Study of Virtualizing Internet Lab Avin Chen Borokhovich Michael Goldfeld Arik.
Virtualization A way To Begin with Virtual Reality… - Rahul Khanwani.

Virtualization A way To Begin with Virtual Reality… - Rahul Khanwani.
Tanenbaum 8.3 See references

Tanenbaum 8.3 See references
Chapter 3 Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.

Chapter 3 Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.

Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Operating System Virtualization

Operating System Virtualization
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
An Introduction to Xen Prof. Chih-Hung Wu

An Introduction to Xen Prof. Chih-Hung Wu
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.

Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
A Cloud is a type of parallel and distributed system consisting of a collection of inter- connected and virtualized computers that are dynamically provisioned.

A Cloud is a type of parallel and distributed system consisting of a collection of inter- connected and virtualized computers that are dynamically provisioned.
OpenVZ Live Migration Jim Owens. Overview Review of OpenVZ Features Resource management Installation VM creation VM management Checkpointing Migration.

OpenVZ Live Migration Jim Owens. Overview Review of OpenVZ Features Resource management Installation VM creation VM management Checkpointing Migration.
Linux Virtualization Technology Alternatives Kir Kolyshkin OpenVZ project manager Rencontres Mondiales du Logiciel Libre 13 July 2007.

Linux Virtualization Technology Alternatives Kir Kolyshkin OpenVZ project manager Rencontres Mondiales du Logiciel Libre 13 July 2007.
An overview of OpenVZ virtualization technology Kir Kolyshkin OpenVZ project manager Gelato ICE 17 Apr 2007.

An overview of OpenVZ virtualization technology Kir Kolyshkin OpenVZ project manager Gelato ICE 17 Apr 2007.

Similar presentations

Ads by Google