We are huge fans of OpenVZ container-level virtualisation, although we're quite puzzled as to why it is not more popular.
What is OpenVZ, you ask?
OpenVZ is operating system-level virtualization based on a modified Linux kernel that allows a physical server to run multiple isolated instances known as containers, virtual private servers (VPS), or virtual environments (VE). The preferred term these days is container. Containers are sometimes compared to chroot or jail-type environments, but containers are really much better in terms of isolation, security, functionality, and resource management.
Why we use OpenVZ
In a nutshell: Because a 512M XEN VM is a waste!
OpenVZ uses a shared kernel for all virtual environments, so it is extremely lightweight and requires minimal overhead when compared to other virtualisation methods.
Given a 512M XEN VM we could easily partition it into 6 or more Virtual Environments and still maintain excellent performance and responsiveness of each environment.
Other benefits include:
- Allows for overcommitment of resources; when a virtual environment requires resources, 100% of the host node's power is available.
- Manage firewall from the host node (or virtual environment).
- Pooled filesystem (/vz/) is shared with all virtual environments. This makes backups easy and means very little disk space is wasted.
Drawbacks include:
- Requires a modified operating system image. (In a followup article we'll explain how we build our CentOS images using Kickstart and make the necessary modifications, as well as going into detail on how to build fully automatable and scriptable deployments using OpenVZ.)
- Resource allocation parameters are not for the faint-hearted. It's quite easy to underprovision a virtual environment.
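An added example, not from the original article: on an OpenVZ host node the per-container resource parameters are accounted in /proc/user_beancounters, where a non-zero failcnt means an allocation was refused. The sketch below parses that layout from a constructed sample and flags underprovisioned containers; the function names and the 90% headroom threshold are assumptions.

```python
# Constructed sample in the /proc/user_beancounters layout (not real host output).
SAMPLE = """\
Version: 2.5
       uid  resource           held    maxheld    barrier      limit    failcnt
      101:  kmemsize        2752512    3010560   14372700   14790164          0
            privvmpages       64100      65536      65536      69632         12
            numproc              38         52        240        240          0
      102:  kmemsize        1204224    1302528   14372700   14790164          0
            privvmpages       58000      60000      65536      69632          0
            numproc             238        240        240        240          7
"""


def parse_beancounters(text):
    """Yield (ctid, resource, held, maxheld, barrier, limit, failcnt) tuples."""
    ctid = None
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] in ("Version:", "uid"):
            continue  # skip the version banner and the column header
        if fields[0].endswith(":"):
            # The container ID appears only on the first row of each block.
            ctid = int(fields[0][:-1])
            fields = fields[1:]
        if ctid is None or len(fields) != 6:
            continue  # not a resource row
        resource, *numbers = fields
        yield (ctid, resource, *map(int, numbers))


def underprovisioned(text, headroom=0.9):
    """Return (ctid, resource, kind, value) for refused or nearly refused allocations."""
    findings = []
    for ctid, res, held, maxheld, barrier, limit, failcnt in parse_beancounters(text):
        if failcnt > 0:
            # failcnt is cumulative: the kernel has already refused this resource.
            findings.append((ctid, res, "failed", failcnt))
        elif barrier > 0 and maxheld >= headroom * barrier:
            # Peak usage came within the assumed headroom of the barrier.
            findings.append((ctid, res, "near-barrier", maxheld))
    return findings


if __name__ == "__main__":
    # On a real host node, pass the contents of /proc/user_beancounters instead.
    for ctid, res, kind, value in underprovisioned(SAMPLE):
        print(f"CT {ctid}: {res} {kind} ({value})")
```

Because failcnt only ever increases, compare successive readings to tell a fresh failure from an old one.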
This is the first in a series of articles on how we use virtualisation at Adlibre. Stay tuned for more.