[Gllug] Debian: vserver vs openvz

Richard Huxton dev at archonet.com
Tue Jul 29 12:09:56 UTC 2008 

Since we're on the topic of virtualisation, does anyone have any 
experience of these? I'm looking at one or t'other for half-a-dozen VMs 
on a small web/app server.

Background for those not familiar with the projects, and a summary of 
what I've found from trawling the web:

The linux-vserver and openvz projects are both "operating-system level" 
virtualisation (i.e. they're not, really). They isolate groups of 
processes into a security context running on a single O.S. kernel - 
similar to BSD's jail system or Solaris' zones. In addition, your 
processes get chrooted so they have their own directory structure. You 
can then load whatever packages you like into each container/vm. Typical 
uses would be for webhosting companies, or if you want to run php4 and 
php5 inside apache, or run perl 5.8 and perl 5.10, or compare and 
contrast different smtp servers. There tend to be limitations on running 
things like firewalls or other low-level apps on the VMs.

OpenVZ is the free portion of the virtuozzo system from Parallels. There 
are downloadable pre-patched kernels available from the project website. 
Documentation seems good. As with any single-company project there's the 
possibility that they abandon the open-source portion and it will take 
time for someone to pick it up.

The Linux-Vserver project has been around for years, distributes the 
actual kernel patches from their site. As it happens though, Debian have 
it available via apt. Documentation seems OK, but is disorganised. As 
with any small community project, developer-time might dry up if paying 
work leads elsewhere.

Both projects seem to have reasonably active mailing lists and as far as 
the user-space tools are concerned seem to operate in similar ways.

With OpenVZ you need to set up NAT and forwarding to the VMs, whereas 
vserver does something automagical behind the scenes. The automagical 
approach does mean you need to be careful about e.g. apache listening on 
all interfaces and preventing your VMs starting up properly.

OpenVZ has a "live migration" feature, but I haven't tried that.

Vserver has a "hashify" tool to replace duplicated libraries etc. with 
hard-links. This reduces disk-space requirements and presumably should 
reduce load on disk-cache and buffers too. Disk space is cheap, but 
using RAM more efficiently is always useful. There is a similar feature 
in the paid-for Virtuozzo but not OpenVZ.

In the small web-test I ran, vserver was slightly ahead on performance, 
but I've not got any experience tuning either. Both seemed to be pretty 
close to full host performance, and coped fine with running 10 
concurrent apache+php VMs under load.

If I were going by blog-coverage or didn't run Debian, I'd probably go 
for OpenVZ. Since the vserver-patched kernel is available from Debian 
though, I'm leaning towards that at present. Anyone with real experience 
  out there though?

-- 
   Richard Huxton
   Archonet Ltd
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list