| |||
xomxorp | I discovered three major issues in the usage scenarios of OpenVZ in the enterprise market:
Now we have the virtualization platform for the enterprise, licensed under GNU GPLv2. Proxmox VE is the only virtualization platform which can do all of the following on one physical host:
Feel free to get in contact with me directly - martin@proxmox.com. | ||
| |||
| |||
k001 | Linus has released 2.6.26-rc1 yesterday. Here rc1 means this is the first "release candidate" for 2.6.26, and the merge window is now closed, so for the next two months or so before final 2.6.26 release only bugfixes will be accepted. And I just can't resist the temptation to post my new favorite image here, so you can enjoy it too: Click to get the hi-res image and the scripts used to produce it. The majority of these 299 changesets that made it to 2.6.26-rc1 is about network namespaces. | ||
| |||
| |||
dowdle | At this year's Linuxfest Northwest 2008 show in Bellingham, Washington I gave a presentation entitled OS Virtualization vs. Hardware Virtualization. LFNW takes place at Bellingham Technical College and the BTC had video cameras set up in two of the presentation rooms. I was lucky enough to have my presentation streamed live as well as archived for playback anytime. I doubt there is any new material in my presentation for readers of this blog, because it was basically an Introduction to OpenVZ. The room was full and only a couple of people had used OpenVZ before so I was presenting to a lot of potential users. It is also available on ustream.tv. I believe the BTC folks will be offering all of the presentations for download in the near future. Feel free to check out my slides in PDF format. Unfortunately I didn't get to the last 5 slides which are about the inclusion of cgroups/containers in the mainline kernel, the contributions made by OpenVZ/Parallels, and future uses of containers. If you look at those slides you'll see I borrow from some recent material here on this blog. Near the end, when answering someone's question I mention offline migration and mistakenly refer to checkpointing and restoring from a checkpoint... which is obviously part of online migration. Other than that mistake I was fairly happy with the presentation. I also wrote an article entitled Linuxfest Northwest 2008 Report which includes links to all of the available presentation videos. I really recommend the Linuxfest Northwest conference... and it's free. | ||
| |||
| |||
k001 | As you may already know Linux kernel 2.6.25 is released today. Among many other things (see Linux 2.6.25 changelog at kernelnewbies.org for details), it moves us one step closer to having containers in the mainstream Linux. Or maybe even two steps. First is memory controller. The code is submitted by Balbir Singh (of IBM), and is mostly based on an earlier work by Pavel Emelyanov (of OpenVZ), Balbir and some others. It uses the "control groups" (cgroups) framework introduced earlier by Paul Menage of Google. Basically, memory controller (in its current form) lets one control the amount of physical memory used by a group of processes (i.e. by a container). This is a vital feature for containers since all the containers are using the same RAM resource, so for containers to co-exist nicely they should not be allowed to use too much memory. Now, a system administrator can set per-container memory limits. The whole technology is known as User Beancounters (or just Beancounters) in OpenVZ world -- it's just we have more different parameters (and thus knobs and dials) in OpenVZ. But, in a sense, the memory controller that is now in mainstream is better than one we have in OpenVZ. The one in mainstream limits the amount of physical (RSS) pages used by a container, and if this limit is exceeded, pages are swapped out. Well, in fact, they are not swapped out -- this would cause the unnecessary disk I/O activity in case it's just a container limit being hit, and otherwise there is enough memory on the system. In this case container's memory pages are put to the swap cache. In case of global memory shortage this swap cache will be freed, i.e. swapped out to disk. To summarize, this cool feature allows one to have containers with strict memory limits, but decent overall system behavior. The second feature (and thus the second step) is network namespaces -- an ability for containers to have their own network stacks. This is still a work in progress.
The first bits and pieces appeared in 2.6.24. A lot of network namespaces code (more than 200 changesets I guess) now appeared in 2.6.25, and despite my earlier predictions it's still not the end of the journey. A lot more code (also about 200 changesets) is now in net-2.6.26 tree (networking subsystem branch maintained by David Miller), scheduled to be included in Linux 2.6.26. Risking to be wrong for the second time, I'm still thinking that in Linux 2.6.26 we will likely have fairly complete implementation of net namespaces. A short description of what we will try to have in 2.6.26 as it comes for networking is here. Speaking of 2.6.26 -- looks like it will be our next base kernel. We are now maintaining 2.6.24-based development branch (which is also used for OpenVZ-enabled Ubuntu Hardy Heron kernels), and will start porting OpenVZ patchset to 2.6.26 soon. Finally, here's the graph that shows how many changesets, per kernel release, our team has contributed. No need to comment it I guess. Also, here's the list of top10 contributors to the Linux 2.6.25. Our company is #7.

Top changeset contributors by employer
(None) 1188 (9.3%)
Red Hat 1181 (9.3%)
Novell 817 (6.4%)
IBM 703 (5.5%)
Intel 472 (3.7%)
Bartlomiej Zolnierkiewicz 307 (2.4%)
Parallels 278 (2.2%) <---
Oracle 255 (2.0%)
bunk@kernel.org 227 (1.8%)
(Academia) 225 (1.8%)

Pavel Emelyanov has made it to top10 of developers.

Developers with the most changesets
Bartlomiej Zolnierkiewicz 307 (2.4%)
Adrian Bunk 234 (1.8%)
Patrick McHardy 225 (1.8%)
Ingo Molnar 213 (1.7%)
Paul Mundt 207 (1.6%)
Greg Kroah-Hartman 172 (1.4%)
Thomas Gleixner 166 (1.3%)
Jesper Nilsson 166 (1.3%)
Pavel Emelyanov 160 (1.3%) <---
Harvey Harrison 150 (1.2%)

Another prominent OpenVZ guy is Denis Lunev, who is number 26 in the list with 87 changesets. The full list of people who contributed to this release is more than 1200 lines long. | ||
| |||
| |||
wfischer | As already foretold in the blog posting about Profoss conference, there has been some ongoing work on providing a load balancing solution for virtual machines, supporting Xen and OpenVZ. It works similarly to the DRS feature of VMware VI. The home of the new project is lbvm.sourceforge.net - when you're an OpenVZ user, check it out! It is really interesting whenever you come to a situation to run multiple servers with OpenVZ. Quoting the project site: Virtualization technologies are used to enhance the hardware load on server systems and allow a more efficient use of those servers. Nowadays, there is a wide range of existing HA solutions which guarantee the availability of all virtual machines. There are just a few commercial solutions available for allocating virtual machines during their operation time to optimize the actual server workload (e.g. VMware DRS, VirtualIron LiveCapacity). A generic solution for all kinds of virtualization technologies is non existent today. [...] The LBVM consists of several scripts that allow to load balance virtual machines (currently preconfigured: Xen and OpenVZ) among physical servers - the algorithm is fully configurable. LBVM uses the Red Hat Cluster Suite to provide high availability and rgmanager (part of the Red Hat Cluster Suite) to perform the actual migration. Developed cluster scripts for Xen and OpenVZ allow the rgmanager to perform live migrations with zero-downtime to provide maximum reliability and uptime. The load balancing algorithm uses preconfigured resources (cpu, mem, load; fully configurable) to decide when and where to move a virtual machine. Reports and migrations are logged and also available in human-readable format. The initial release was done by Roland Dworschak, Sabine Huber, Alexander Leitner, and Joachim Pöttinger - all students at the Upper Austria University of Applied Sciences, Hagenberg Campus (course of studies Secure Information Systems). | ||
| |||
| |||
k001 | Better late than never, these are my impressions about SCALE and Florida Linux Show we (me and my colleague, an OpenVZ kernel developer Andrey Mirkin) went to in February. Back in 2006 I was a speaker at SCALE4x, so I can compare and say SCALE is getting bigger and better! This time it was three days, with three parallel conference tracks and about 80 booths, one of which was OpenVZ.
Also we did a talk on live migration which was quite technical and interesting. Talk was mostly delivered by Andrey, and this is the first time he did a talk in English. I hope that SCALE people will upload the audio/video from the talk -- it should be interesting enough. Unfortunately we were not able to listen to any other talks -- this is the price for having own booth.
I managed to show the live migration of a container running pacman xscreensaver, but it was interrupted when I raised a hand with the second notebook to show it -- apparently both the power supply and the battery got disconnected so it suddenly switched off. I continued with the slides while Andrey fixed the notebook, and then I showed the demo (without touching the second notebook this time). This "demo effect" happens from time to time, and the more people are attending the more the probability that it will happen. Anyway, all's well that ends well.
Next day we were in New York and met with Vasily Tarasov, our colleague who is now taking the post graduate courses in Stony Brook University. He is working on various kernel-related projects and maybe will help us a bit with OpenVZ. | ||
| |||
| |||
wfischer | As mentioned earlier in the blog, I had the chance to talk about making OpenVZ highly available at the Profoss conference in Brussels. I was interviewed there by Toon Vanagt from virtualization.com about the WIKI article HA cluster with DRBD and Heartbeat and some background info on why this howto was written. You can read the whole interview at virtualization.com or watch the video right here: | ||
| |||
| |||
k001 | For those of you who are not yet aware, Linux kernel 2.6.24 is finally out. OpenVZ is (and has been, for the past few years) a good contributor to the mainline kernel. But in this release we are really doing better than before: 215 patches written by OpenVZ people submitted to the 2.6.24 kernel during the period of its development (i.e. last 3½ months). This is about 2% of all the patches that were merged into 2.6.24. Most of those patches are for PID namespaces, preliminary support for net namespaces (i.e. network stack virtualization for containers), and various bugfixes. PID namespace is now almost complete and quite usable, although it's marked as "experimental" for now. For the technical description of the feature, see this lwn.net article. Net namespace is a work-in-progress, and there are already a lot of patches stacked in Dave Miller's net-2.6.25 tree for future inclusion into the 2.6.25 mainline kernel. The feature is expected to be complete and usable by 2.6.25 kernel release, with IPv6 support coming a bit later. Jon Corbet of LWN.net also wrote about the 2.6.24 kernel statistics (back when it was still at a RC stage) here. Note that OpenVZ's Pavel Emelyanov is number 5 in "Most active developers" (by changeset) list, with 146 patches contributed. | ||
| |||
| |||
k001 | Daniel Robbins, the man who started Gentoo (one of my favorite Linux distros which I use on my notebook and a few boxes at home), blogs about OpenVZ and offers Gentoo templates for OpenVZ that he created here. I like the way he summarizes what OpenVZ is: "a really fantastic lightweight Linux virtualization technology that doesn't have the performance overhead of full OS virtualization systems". Gentoo templates and other OpenVZ-related stuff from Daniel can be downloaded from www.funtoo.org/linux/openvz/ | ||
| |||
| |||
k001 | IBM developerWorks recently published the second part of the article describing OpenVZ on Cell BE processors. Cell (Wikipedia article) is a very interesting microprocessor from IBM, which is based on 64-bit Power architecture, "but with unique features directed toward distributed processing and media-rich applications". Essentially, this is a hybrid CPU, combining traditional Power core and eight specialized Synergistic Processing Elements (SPEs). Making OpenVZ kernel and tools SPE-aware is the main topic of the work being done. Read the article: part 1, part 2, and wait for part 3. Now all I need is Playstation 3 (which features Cell BE). | ||
| |||
| |||
k001 | I am happy to announce that OpenVZ is taking part in two Linux events this February. As always, we will be happy to meet with OpenVZ users. | ||
| |||
| |||
wfischer | At this year's Profoss virtualization event, I will give a talk about "HA clustering made simple with OpenVZ". In addition to the information about HA clustering with OpenVZ that is currently available in the OpenVZ WIKI article HA cluster with DRBD and Heartbeat I'll show how the checkpointing feature of OpenVZ can be used for a "live switchover" cluster feature. Thomas Kappelmüller (he attends Upper Austria University of Applied Sciences, Hagenberg Campus - Computer- and Media Security (B.Sc.)) has written some scripts for this purpose (we will add the scripts and some background information about using them in the HA cluster with DRBD and Heartbeat article shortly). And another brand-new outlook about clustering will be given: some students of Secure Information Systems (M.Sc.) - also at the Upper Austria University of Applied Sciences, Hagenberg Campus - have worked on "LBVM" (load balancing of virtual machines). The LBVM allows sharing virtual machines among physical servers in a predefined cluster. With the help of load balancing algorithms it is possible to automatically live migrate VEs. Their solution uses a general approach, which allows the use of different virtualization technologies (initially they support OpenVZ and Xen). Of course there are also a lot of other interesting talks at the conference - so it's really worth attending it. And it would be really nice talking to some other OpenVZ users there ;-) | ||
| |||
| |||
k001 | SWsoft, sponsor of the OpenVZ project, has recently announced that it will adopt "Parallels" as a new corporate name moving into next year. So, you might ask what does this mean for OpenVZ? Absolutely nothing. We will keep doing what we do, providing new releases, fixing bugs, supporting our users and remain focused on integrating containers virtualization technology into the mainstream Linux. Separate from the company name change, you'll see us slowly cease using the terms "VE" (virtual environment) and "OS-level virtualization". The terms commonly used in the industry are "containers" and "containers-type virtualization" -- and we are already using those. Remember: a VPS is a VE is a container. | ||
| |||
| |||
k001 | We have recently started a Partners section on our wiki for those who are working together with the OpenVZ project in one way or another. Our intent is to build this over time to serve as a resource. And it already works -- a couple of companies have added their profiles recently. If you have created virtual appliances that use OpenVZ, or provide support services, or qualify in some other way, feel free to edit the page and add your profile there. If you have any questions, just go ahead and e-mail me, kir@openvz.org. Just a note that this section is quite different from the 2006 Contributions section on the Wiki to acknowledge those people who contributed to the OpenVZ project last year. | ||
| |||
| |||
dowdle | Cool. Two familiar names (Pavel Emelyanov and Kir Kolyshkin) contributed an article to this week's Linux Weekly News Kernel page. The article in question is entitled PID namespaces in the 2.6.24 kernel. Obligatory quote: One of the new features in the upcoming 2.6.24 kernel will be the PID namespaces support developed by the OpenVZ team with the help of IBM. The PID namespace allows for creating sets of tasks, with each such set looking like a standalone machine with respect to process IDs. In other words, tasks in different namespaces can have the same IDs. It is good to see quite a bit of the work done by OpenVZ developers going into the mainline Linux kernel! | ||
| |||
| |||
dowdle | Ok, so this blog entry isn't about OpenVZ... but it is closely related since it is about SWsoft's Virtuozzo. According to an article entitled, SWsoft tries to virtualize China before VMware speaks the language, it appears that Virtuozzo uptake in China is doing quite well. I wonder what the uptake for OpenVZ is in China? Obligatory quote: Chatting with Beloussov is one of the more refreshing experiences for a technology journalist. This feisty Russian has yet to attend sugar-coating school. | ||
| |||
| |||
k001 | One of the goals of OpenVZ project is to integrate containers functionality into the mainstream Linux kernel. As you know, most of the new kernel code goes through Andrew Morton, the right hand of Linus Torvalds. I just came across the video of Andrew speaking at the LinuxWorld Expo 2007. Among the other topics, he tells what is going to be in the kernel in a year or so. It is quite interesting to see what he thinks of containers -- to see that part, scroll to 40:58. Update: here's the transcription of the relevant part, provided by The one prediction I am prepared to make is that over the next 1 to 2 years there'll be quite a lot of focus in the core of the Linux kernel on the project which has many names. Some people call it containerization, others will call it operating system virtualization, other people will call it resource management. It's a whole cloud of different features which have different applications. It can be used for machine partitioning, to partition workloads amongst one machine, otherwise known as workload management. Server consolidation. Well, you have a whole bunch of servers which are 30 percent loaded -- move all those things onto one the machine without having to tread on each others toes. Resource management. A number of people in the high end numerical computing want this; numerical computing area want resource management. Other people who are running world famous web search engines also want resource management in their kernel. In fact, the major, central piece of the whole containerization framework is from an engineer at Google. It's in my tree at present and I'm hoping to get it in at 2.6.24. It's just a framework for containerization. A whole lot of other stuff is going to plug in underneath it, which is under development at present. 
So an example of resource management is you might have a particular group of processes, [and] you want to not let it use more than 200 MB of physical memory, and a certain amount of disk bandwidth, network bandwidth, a certain amount of CPU -- so you can just have this little blob and give it maximum amount of resources it can consume, let it run without letting it trash everything else which is running on the machine. So that is a resource management application. People also need this feature for high availability... and I'm still not really sure I understand why. Also the OpenVZ product, which comes out of the development team in Russia -- that's a mature project that is mainly for web server virtualization, having lots and lots of different instances of the web server on one machine, not have one excessively taking resources away from another. They've been working very hard and very patiently, and with great accommodation on this project. I hope slowly we'll start moving significant parts of the OpenVZ product into the Linux kernel in a way in which it's acceptable to all the other stake holders, so that those guys don't end up carrying such a patch burden. | ||
| |||
| |||
k001 | Here is good news for SLES users. I'm happy to report that the OpenVZ team resumed working on the SLES10-based OpenVZ kernel a few months ago, and we now have pretty stable SLES10 OpenVZ kernel. I encourage all SLES users to try it out. The SLES10 kernel itself is based on the Linux kernel 2.6.16, and until SLES11 comes out, it remains the most "enterprise" (read stable and supported) kernel coming from Novell/SUSE. So, what we did is we took that kernel and ported our OpenVZ patchset to it. The only feature missing is I/O priority support, which is because the disk CFQ scheduler used in 2.6.16 is way too old. Other than that, it's a pretty decent kernel, and while we haven't declared it as stable yet we will do so really soon. Here is a summary for all the other branches we develop/support as of now, with download links: Stable: 2.6.9 (rhel4 based), 2.6.18 (rhel5 based), 2.6.18 (vanilla based). SLES10 will be added to this list soon. Development: 2.6.22 (vanilla). | ||
| |||
| |||
k001 | Last week I went to Cambridge, UK with my colleague Pavel Emelyanov to take part in the LinuxConf Europe and the containers mini-summit, as well as the Linux Kernel Summit session devoted to containers. Pavel, who works in the OpenVZ kernel team, is now working on integrating our technology into the mainstream Linux kernel. To his credit, the memory controller and the PID namespace patch (see my recent blog post), which were integrated into -mm recently, are mostly due to him. The first event in Cambridge was LinuxConf Europe, where we both presented our talks on containers -- mine was a general introduction to virtualization, containers, and OpenVZ, while Pavel described some intimate details of memory controller (read "beancounters") implementation. The next day we had to skip the LinuxConf to take part in the containers mini-summit. This was an event for all the containers shareholders to discuss what and how to present the containers topic at the Kernel Summit. Unfortunately, Eric Biederman (Linux Networx) and Paul Menage (Google) came later, and Balbir Singh (IBM) was busy with VM mini-summit, so we did this mini-summit in two rounds. First round was with Pavel (OpenVZ), Cedric Le Goater (IBM), Oren Laadan (of Zap -- a checkpointing and live migration project), Kamezava Hiroyuki (of Fujitsu Japan, mostly interested in resource management), and Paul (who joined us over Skype). The second round was with Eric, Paul, and Balbir -- the next day in the hall. The results of this mini-summit are a few threads on containers@ mailing list, plus a few documents here. Finally, there was 30-minute topic on the Kernel Summit devoted to the containers. Paul and Eric have summarized what we have done so far, and what are we going to do next. There was not much discussion, which I think is healthy because now everybody knows about containers and why they are needed. Slides from the talk are available here.
Jonathan Corbet (of Linux Weekly News) also provided a summary of the topic (this is still subscriber-only content, but since I'm a subscriber I can share a free link with you). It feels like we are making good progress and are on the right path to a containers implementation in the Linux kernel. You can see some people helping to make this happen in this photo. | ||
| |||
| |||
k001 | In case you haven't seen it yet, ML: Can you update us on the current status of OpenVZ integration into the mainline kernel? Do you expect anything to happen in the near future regarding integration? Kir: Most notable is the addition of the PID namespace patchset by Pavel Emelyanov into -mm (Andrew Morton's) tree -- it means the code will be in Linus' kernel in a few months. PID namespaces is a feature that makes it possible to have different sets of PIDs in different containers. The code was mostly developed by OpenVZ's Pavel Emelyanov, with some pieces from IBM's Sukadev Bhattiprolu. With the first version sent back in May, it was rewritten a few times to incorporate comments, suggestions and feature requests from everyone who was interested. The interview is quite long; see the rest at montanalinux.org. I'd also like to add that just a few days ago the memory controller patchset was also accepted into -mm tree. It does things similar to user beancounters in OpenVZ. So far, the accepted code only provides group-based RSS and page cache accounting, plus a generic infrastructure to add another accountables. The code was developed by Pavel Emelyanov and Balbir Singh (of IBM) in close collaboration. With that in place, today Pavel already sent the first version of kernel memory controller. The code is not aimed for inclusion yet -- it is mostly aimed at spiking the discussion and trying to determine the needs. | ||
| |||



