Sunday, December 27, 2015

debian - Advice on most fitting choice of virtualization platform: Xen | OpenVZ | KVM | other? What suits the purpose best?



I am aware of the multitude of virtualization threads here, but they all seem to be oldish and I'd like to have a brand new one ready for 2012.



I'm currently evaluating Xen, OpenVZ and KVM for virtualization purposes.
I'm having trouble deciding what to use.
The OS this will be running off of is Debian, preferably. The guest OSes will all be *nix based, mostly Debian as well. No Windows, Mac OS or other exotic stuff required.
I have a single server, which has 16 gigs of RAM and a Xeon processor on it. I also have a software RAID 1 disk configuration with 3 TB RAID capacity.




I am setting up this environment to separate the sites my current server hosts by level of trust and software version.
For example, there are some sites I know might have security holes, others which should be perfectly secure, and others that require an archaic version of PHP.



All in all, I'd like to set up 3 different guests: one for trusted, one for untrusted, one for old PHP.



Part of my problem is managing backups properly:
I enjoy using Bacula or duplicity to manage my backups because of incremental, encrypted backups.
I do not want any of my client sites to ever have to go offline due to backup processes.
I also only have 100 gigs of remote off-site backup space, so I want to use that wisely, and not just dump all I have up there. Restoring from backups should be fast [no downloading huge ISO files!].




I also want to do the disk space allocation right.
I've read marvelous things about LVM and how it makes one's life easier.
Assuming a RAID 1 [two 3 TB disks under RAID 1], how would you lay out your partition map?



I'd be happy if somebody could share his personal experiences, setup configurations and win/fails regarding different virtualization platforms, for a similar goal as mine.



Thanks!


Answer



I'd say use KVM - that way your hypervisor & Dom0 can be the standard Debian you're familiar with. With KVM, the hypervisor and the Dom0 are the same machine - it's one of the design principles behind KVM that the best hv to have is a full-featured Linux system.




With Xen, the hypervisor runs on the bare metal and the Dom0 runs inside it along with all the guest DomUs, kind of like a special purpose VM.



I don't think container-style virtualisation offers enough real benefits over simple vhosting that it's worth the bother.



For performance, I think your plan to use LVM for VM images (rather than, say, image files on a fs) is a good one.



Alternatively, you could use zfsonlinux (note: not zfs-fuse, it's too slow), which is pretty stable and reliable. The "catch" is you have to download the debianised source packages from the Ubuntu zfsonlinux PPAs and recompile them for Debian. Easy if you're comfortable with compiling packages, probably not very easy if you're not.



ZFS gives you everything that LVM does, with fewer restrictions and limitations (e.g. snapshotting even running VM volumes is fast and easy), and with a much less steep learning curve. If you're already familiar with LVM, that last one isn't a big deal.




Disclaimer: I'm opinionated and therefore biased.



I'm not a fan of Xen. I've used Xen & KVM, dabbled with VMware (and VirtualBox too, although that's more of an end-user/desktop-oriented virtualisation tool rather than server virtualisation) and I strongly prefer KVM. It just works, without stupid hassles.



I'm hoping that the recent merge of Xen into the mainline kernel results in rapid improvement of Xen. It certainly can't hurt to escape being stuck with ancient kernel versions.



Similarly, I'm not a huge fan of LVM either. I used it in the past because there was nothing else that did what it did. However, I have never liked it and have always thought that it is clumsy and obtuse and gratuitously complicated. I've been using zfsonlinux for a few months now and it's everything I ever wanted LVM to be. I hope I never have to build or administer another LVM system again.

