[ale] Headless, Consoleless, DVDless, NetInstall? was: Fedora NetInstall via USB Drive

Michael H. Warfield mhw at WittsEnd.com
Sat Apr 18 23:44:24 EDT 2009


On Fri, 2009-04-17 at 23:58 -0400, Richard Bronosky wrote:
> I checked out OpenVZ (not that using it is an option at my current
> company) and it looks very interesting. Unfortunately, the wiki at
> openvz.org is full of broken English that creates a lot of ambiguity.
> What I was hoping to find out is if the chroot-y single kernel nature
> of it makes in vulnerable to having a crash of one EV take down the
> rest.

	Actually less so than with para or hardware virtualization.  I found
that VMware and VirtualBox (and XEN) required some care in order to
insure that they didn't starve the host for resources such as CPU or
memory and the controls you have are very coarse grained (memory and
disk and that's about it).  Being more intensive they tend to demand
more resources from the host and I'm unlikely to be able to add as many
VM's before the host is crushed under the load.  OTOH, the same number
of VM's on OpenVZ barely tickle the load average and the processes are
just that, more processes.  OpenVZ has very nice fine grained control
over several dozen kernel resources to prevent one VM from dominating
the entire box and the defaults are VERY (often TOO) conservative.  I
invariably have to open up some resources for certain VM's that need it.
But that's generally very easy monitor and to do dynamically, another
BIG advantage to OpenVZ.

	One thing, though, that Linux Vservers does better than OpenVZ.  Linux
Vservers have a "unify" operation where common binaries between the VM's
are linked to a common file in the host system.  With OpenVZ, each VM
has it's own binary images (as does Linux Vservers if you don't unify).
In the kernel, with the unified binaries, you run a common code in
memory for all the VM's.  That reduces memory demand even more as well
as disk space  The trick they pull is COW (Copy On Write).  If an
individual VM writes to one of these unified images, it gets its own
private copy of the (now modified) file and the common (and all the
rest) files are not tampered with.  I THINK this could also be done with
OpenVZ using unionfs and an overlay system but I haven't played with it
to any extent and probably won't until we see LXC Linux Containers
mature in the mainline kernel.  At one time there was an effort to put
code page congruency in the kernel.  Even if you had different files, if
the code in memory was the same, they would use the same memory page,
marked to copy on write.  AFAIK, that got pulled due to patent concerns
and isn't in the kernel now.  That would help with memory utilization
but not diskspace.

> .!# RichardBronosky #!.

	Regards,
	Mike


> On Fri, Apr 17, 2009 at 6:17 PM, Michael H. Warfield <mhw at wittsend.com> wrote:
> > On Fri, 2009-04-17 at 17:29 -0400, Jim Lynch wrote:
> >
> >> I gotta put in a plug for my favorite, OpenVZ.  It's sort of a super
> >> chroot, but really more.  It's a smaller footprint for each VE.  The
> >> only drawback I see is that it only supports Linux distros.  I have a 2
> >> Gb system here with 15 OpenVZ VEs, some running Ubuntu some running
> >> Centos, one running FC5.  There is only one kernel and it serves all the
> >> VEs, rather than each VE having its own kernel.  You can get more bang
> >> for your buck if you only run Linux VEs.  It's well supported and there
> >> is a pretty nice web based control panel to control it.  Migrating from
> >> one computer to another is a breeze as is cloning.  I've been very happy
> >> with it so far.
> >
> >        I have to concur with this.  If it's Linux on Linux, this is, IMNSHO,
> > the way to go.  It's very light weight.  I've got almost 3 dozens VM's
> > running on one host node with almost 800 processes without freaking the
> > load average out.  With vzmigrate, you can move a machine from one chunk
> > of iron to the other as demand dictates.  OpenVZ is the OpenSource side
> > of the Virtuoso product, so if you want to go with something
> > "commercial", you've got that to back you up and they've got some pretty
> > tools to work with.  I've made a few minor contributions to the OpenVZ
> > project myself.
> >
> >> openvz.com
> >
> >> It's in the Centos repo, so I suspect it's in RedHat and Fedora.
> >> They've just recently (last year) started supporting a Ubuntu hardware
> >> node kernel.  In the past they only had a RH derivative.  One nice thing
> >> about the OpenVZ community is that a lot of the mods they made to their
> >> custom kernel, they've contributed back into the mainstream kernel.
> >> Virtually all of them have been accepted.  I ran Xen for a while but
> >> there are some real pricks hanging around the support forum and it got
> >> tiring reading all the flaming aimed at the new comers.  There was one
> >> guy in particular I filtered out to see what he had to say.   Only about
> >> 1 in 10 of his resonses were helpful, the rest were name calling and/or
> >> flames aimed at clueless newcomers.
> >
> >        One little caveat to the comments here.  The contributions from the
> > OpenVZ gang into the mainline kernel are for the LXC Linux Containers.
> > The Linux Vserver group (a similar parallel group) are making similar
> > contributions and are participating.  One would argue that they are both
> > working themselves out of a job.  The LXC containers will be the
> > mainline inheritor of those projects.  This will be the Linux equivalent
> > of Solaris Zones and BSD Gaols/Jails.   You can make it work now but
> > it's not plug and play quite yet, so I'm sticking with OpenVZ till LXC
> > is ready for prime time.
> >
> > http://www.ibm.com/developerworks/linux/library/l-lxc-containers/
> >
> >> Jim.
> >
> >        Regards,
> >        Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
> >   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
> >   NIC whois: MHW9          | An optimist believes we live in the best of all
> >  PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> >
> >

-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20090418/bd11fb3f/attachment-0001.bin 


More information about the Ale mailing list